
FIViz: Forensics Investigation through Visualization for Malware in Internet of Things

Author

Listed:
  • Israr Ahmad

    (Department of Computing and Information Systems, Sunway University, Subang Jaya 47500, Malaysia
    Department of Computer Science, COMSATS University Islamabad, Islamabad 45000, Pakistan)

  • Munam Ali Shah

    (Department of Computer Science, COMSATS University Islamabad, Islamabad 45000, Pakistan)

  • Hasan Ali Khattak

    (Department of Computer Science, COMSATS University Islamabad, Islamabad 45000, Pakistan
    Department of Computing, School of Electrical Engineering and Computer Science (SEECS), National University of Science and Technology (NUST), Islamabad 45000, Pakistan)

  • Zoobia Ameer

    (Department of Physics, Shaheed Benazir Bhutto Women University Peshawar, Peshawar 25000, Pakistan)

  • Murad Khan

    (School of Computer Science and Engineering, Kyungpook National University, Daegu 41566, Korea)

  • Kijun Han

    (School of Computer Science and Engineering, Kyungpook National University, Daegu 41566, Korea)

Abstract

Adoption of the Internet of Things for the realization of smart cities in various domains has been pushed by advancements in Information and Communication Technology. Transportation, power delivery, environmental monitoring, and medical applications are among the front runners when it comes to leveraging the benefits of IoT for improving services through modern decision support systems. However, with the enormous usage of the Internet of Medical Things, security and privacy become intrinsic issues, and adversaries can exploit these devices or the information on them for malicious purposes. These devices generate and log large and complex raw data, which are used by decision support systems to provide better care to patients. Investigation of these enormous and complicated data from a victim's device is a daunting and time-consuming task for an investigator. Different feature-based frameworks have been proposed to resolve this problem, detecting the access logs early and effectively to better assess the event. But the problem with the existing approaches is that they force the investigator to manually comb through collected data, which can contain a huge amount of irrelevant data. These data are normally provided to investigators in textual form, which is too time-consuming for investigations even if they can utilize machine learning or natural language processing techniques. In this paper, we propose a visualization-based approach to tackle the problem of investigating large and complex raw data sets from the Internet of Medical Things. Our contribution in this work is twofold. Firstly, we create a data set through a dynamic behavioral analysis of 400 malware samples. Secondly, the resultant, reduced data set is then visualized in the most feasible way so that an incident can be investigated easily. The experimental results show that an investigator can investigate large amounts of data in an easy and time-efficient manner through the effective use of visualization techniques.

Suggested Citation

  • Israr Ahmad & Munam Ali Shah & Hasan Ali Khattak & Zoobia Ameer & Murad Khan & Kijun Han, 2020. "FIViz: Forensics Investigation through Visualization for Malware in Internet of Things," Sustainability, MDPI, vol. 12(18), pages 1-23, September.
  • Handle: RePEc:gam:jsusta:v:12:y:2020:i:18:p:7262-:d:408969

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/12/18/7262/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/2071-1050/12/18/7262/
    Download Restriction: no

    Citations



    Cited by:

    1. Syed Yawar Abbas Zaidi & Munam Ali Shah & Hasan Ali Khattak & Carsten Maple & Hafiz Tayyab Rauf & Ahmed M. El-Sherbeeny & Mohammed A. El-Meligy, 2021. "An Attribute-Based Access Control for IoT Using Blockchain and Smart Contracts," Sustainability, MDPI, vol. 13(19), pages 1-26, September.
