FIViz: Forensics Investigation through Visualization for Malware in Internet of Things
Israr Ahmad,
Munam Ali Shah,
Hasan Ali Khattak,
Zoobia Ameer,
Murad Khan and
Kijun Han
Additional contact information
Israr Ahmad: Department of Computing and Information Systems, Sunway University, Subang Jaya 47500, Malaysia
Munam Ali Shah: Department of Computer Science, COMSATS University Islamabad, Islamabad 45000, Pakistan
Hasan Ali Khattak: Department of Computer Science, COMSATS University Islamabad, Islamabad 45000, Pakistan
Zoobia Ameer: Department of Physics, Shaheed Benazir Bhutto Women University Peshawar, Peshawar 25000, Pakistan
Murad Khan: School of Computer Science and Engineering, Kyungpook National University, Daegu 41566, Korea
Kijun Han: School of Computer Science and Engineering, Kyungpook National University, Daegu 41566, Korea
Sustainability, 2020, vol. 12, issue 18, 1-23
Abstract:
Adoption of the Internet of Things for the realization of smart cities in various domains has been pushed by the advancements in Information Communication and Technology. Transportation, power delivery, environmental monitoring, and medical applications are among the front runners when it comes to leveraging the benefits of IoT for improving services through modern decision support systems. Though with the enormous usage of the Internet of Medical Things, security and privacy become intrinsic issues, thus adversaries can exploit these devices or information on these devices for malicious intents. These devices generate and log large and complex raw data which are used by decision support systems to provide better care to patients. Investigation of these enormous and complicated data from a victim's device is a daunting and time-consuming task for an investigator. Different feature-based frameworks have been proposed to resolve this problem to detect early and effectively the access logs to better assess the event. But the problem with the existing approaches is that they force the investigator to manually comb through collected data which can contain a huge amount of irrelevant data. These data are normally provided in textual form to the investigators, which is too time-consuming for the investigations even if they can utilize machine learning or natural language processing techniques. In this paper, we propose a visualization-based approach to tackle the problem of investigating large and complex raw data sets from the Internet of Medical Things. Our contribution in this work is twofold. Firstly, we create a data set through a dynamic behavioral analysis of 400 malware samples. Secondly, the resultant and reduced data set was then visualized most feasibly. This is to investigate an incident easily. The experimental results show that an investigator can investigate large amounts of data in an easy and time-efficient manner through the effective use of visualization techniques.
Keywords: Internet of Medical Things; security; visualization; malware; forensics investigation
JEL-codes: O13 Q Q0 Q2 Q3 Q5 Q56
Date: 2020
Downloads:
https://www.mdpi.com/2071-1050/12/18/7262/pdf (application/pdf)
https://www.mdpi.com/2071-1050/12/18/7262/ (text/html)
Persistent link: https://EconPapers.repec.org/RePEc:gam:jsusta:v:12:y:2020:i:18:p:7262-:d:408969
Sustainability is currently edited by Ms. Alexandra Wu