Edge-Based IIoT Malware Detection for Mobile Devices With Offloading

The advent of 5G brought new opportunities to leapfrog beyond current Industrial Internet of Things (IoT). However, the ever-growing IoT has also attracted adversaries to develop new malware attacks against various IoT applications. Although deep-learning-based methods are expected to combat the sophisticated malwares by exploring the latent attack patterns, such detection can be hardly supported by battery-powered end devices, such as Android-based smartphones. Edge computing enables the near-real-time analysis of IoT data by migrating artificial intelligence (AI)-enabled computation-intensive tasks from resource-constrained IoT devices to nearby edge servers. However, owing to varying channel conditions and the demanding latency requirements of malware detection, it is challenging to coordinate the computing task offloading among multiple users. By leveraging the computation capacity and the proximity benefits of edge computing, we propose a hierarchical security framework for IoT malware detection. Considering the complexity of the AI-enabled malware detection task, we provide a delay-aware computational offloading strategy with minimum delay. Specifically, we construct a coordinated representation learning model, named by Two-Stream Attention-Caps, to capture the latent behavioral patterns of evolving malware attacks. Experimental results show that our system consistently outperforms the state-of-the-art systems in detection performance on four benchmark datasets.

Automated summary

The advent of 5G has brought new opportunities for Industrial Internet of Things (IoT) to leapfrog beyond current capabilities. However, the growing IoT has also attracted adversaries who develop new malware attacks on IoT applications. Deep-learning-based methods are expected to combat these sophisticated malwares, but they are not feasible for battery-powered end devices like Android smartphones. Edge computing enables near-real-time analysis of IoT data by shifting computation-intensive tasks to nearby edge servers. However, coordinating the task offloading among multiple users is challenging due to varying channel conditions and latency requirements. To address these challenges, we propose a hierarchical security framework for IoT malware detection that leverages the computation capacity and proximity benefits of edge computing. We also provide a delay-aware computational offloading strategy and construct a coordinated representation learning model, called Two-Stream Attention-Caps, to capture evolving malware attack patterns. Experimental results demonstrate superior detection performance compared to state-of-the-art systems on four benchmark datasets.