Project's information

Project's title: Research on botnet malware analysis and detection in IoT devices based on graph data mining
Project's code: VAST01.06/21-22
Research hosting institution: Institute of Information Technology
Project leader's name: MSc. Tran Duc Thang
Project duration: 01/01/2021 - 31/12/2022
Project's budget: 600 million VND
Classification: Grade B
Goal and objectives of the project

- Analyze and evaluate the different characteristics of IoT botnet malware compared to traditional computer malware.
- Propose methods and algorithms to analyze and detect IoT botnet malware based on graph data mining algorithms.
- Implement, test and evaluate the proposed methods on sample data sets and real data.
- Publish research results in international journals on the SCIE list.

Main results
Theoretical results:
- Research the characteristics, modes of operation and evolution of botnet malware on IoT devices, and assess its danger.
- Propose methods and algorithms to detect botnet malware on IoT devices based on graph data mining algorithms.
- Training of 01 PhD student and 01 MSc student with thesis topics in the research direction of the project.
- 03 papers in the research direction of the project, of which 01 paper in an SCIE-Q1 journal; 01 paper in the Information Security Journal; 01 paper in the Proceedings of the International Conference.
Applied results:
- Build a test program to detect botnet malware on IoT devices using the proposed malware detection algorithms.
- Test and evaluate the results of running the botnet malware detection program on IoT devices, using data collected on consumer IoT devices and sample data, with a total of 10,010 data samples.
Novelty and actuality and scientific meaningfulness of the results

- Propose methods to detect botnet malware on IoT using frequency-based graph data mining algorithms and lazy-based algorithms.
- Propose methods to detect botnet malware on IoT using compression-based and exhaustive-based graph data mining algorithms.
- The project applies the malware detection methods to IoT devices, proposing to build and test a malware detection program on common IoT devices with a total of 10,010 data samples.

Products of the project
- Scientific papers in refereed journals (list):
03 papers in the research direction of the project, of which 01 paper in an SCIE-Q1 journal; 01 paper in the Information Security Journal; 01 paper in the Proceedings of the International Conference.
1. Giang L. Nguyen, Braulio Dumbab, Quoc-Dung Ngo, Hai-Viet Le, Tu N. Nguyen (2022), A Collaborative Approach to Early Detection of IoT Botnet, Computers & Electrical Engineering 97, 107525 (SCIE, Q1, IF = 4.152).
2. Nguyen Huy Trung, Le Hai Viet, Tran Duc Thang, Research and development automatically generate detection rules for IDS based on machine learning technology, Journal of Science and Technology in Information Security, No. 2. CS(14) 2021, pp. 45-54.
3. Quoc-Dung Ngo, Quoc-Huu Nguyen, A Reinforcement Learning-Based Approach for Detection Zero-Day Malware Attacks on IoT, CSOC 2022: Artificial Intelligence Trends in Systems, Lecture Notes in Networks and Systems, pp. 381–394.
- Patents (list):
- Technological products (describe in detail: technical characteristics, place):
1) Scientific report on methods and algorithms to detect botnet malware on IoT devices based on graph data mining algorithms
2) Test program to detect botnet malware on IoT devices
3) Report test results of botnet malware detection program on IoT devices
4) Report on the results of the project
5) Scientific papers (evidenced in the report of the project)
6) Training support for 01 PhD student and 01 MSc student (evidenced in the report of the project)

| No | Student name | Subject name | Supervisor | University | Course |
|---|---|---|---|---|---|
| 1 | PhD. Le Hai Viet | Research and build V-Sandbox system in IoT Botnet malware analysis and detection | 1. Dr. Ngo Quoc Dung; 2. Prof. Dr. Vu Duc Thi | Graduate University of Science and Technology, Vietnam Academy of Science and Technology | 2017-2021 |
| 2 | MSc. Tran Thi Huong | Botnet malware detection method in IoT devices based on graph data mining | 1. Assoc. Prof. Dr. Nguyen Long Giang | Hanoi National University of Education 2 | 2019-2021 |

Research area
Proposed implementation at the People's Security Academy, Ministry of Public Security.