Effective malware detection scheme based on classified behavior graph in IIoT

Abstract In Industrial Internet of Things(IIoT), secure transferring, computing and processing data are critical in developing automated environments, such as smart factories, smart airports and smart healthcare systems for high quality service. Therefore, how to make full use of the massive industrial data in IIoT while preventing malware intrusion and leaking out no privacy is a leading and promising work. In this paper, we focus on the research of malware detection and propose an architecture of a classified behavior graph-based intelligent detection model for malware attacks, which can not only avoid the high cost in graph matching but also achieve high malware detection accuracy. Experiments on the malware families Delf, Obfuscated, Small and Zlob, each malware family containing 880 samples, show that the highest accuracy TPR can reach up to 99.9%.