Machine Learning-Based Malware Classification in Real-Time IoT Scenarios

Ensuring the security of next-generation network infrastructures, including 5G/6G, the Internet of Things, and software-defined networks, necessitates the precise detection and identification of malware families. While existing methodologies, for malware identification, have demonstrated higher accuracy, their effectiveness has predominantly been validated on a limited subset of malware families or samples. These analyses often focus on malware families with a higher number of samples, potentially leading to biased and unrepresentative classification results. This leads to unreliable detection in real-world heterogeneous network environments. To bridge this gap, our study aims to enhance the accuracy and robustness of malware identification systems by investigating the impact of dataset size, and class balance, using temporal data augmentation technique, on classifier performance. The study demonstrates that maintaining balanced sample sizes across various malware families significantly improves classifier accuracy by mitigating bias towards majority classes. Precisely, our approach employs state-of-the-art classifiers and two data augmentation schemes, Synthetic Data Vault and Synthetic Minority Over-sampling Technique, to further improve the malware classification into malware families, particularly in settings like edge networks and Internet of Things devices that are susceptible to hostile attacks.