{"id":"https://openalex.org/W4322730960","doi":"https://doi.org/10.1109/access.2023.3247344","title":"Robust IoT Malware Detection and Classification Using Opcode Category Features on Machine Learning","display_name":"Robust IoT Malware Detection and Classification Using Opcode Category Features on Machine Learning","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4322730960","doi":"https://doi.org/10.1109/access.2023.3247344"},"language":"en","primary_location":{"id":"doi:10.1109/access.2023.3247344","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3247344","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10049419.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10049419.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101735161","display_name":"Hyun\u2010Jong Lee","orcid":"https://orcid.org/0000-0003-1260-0778"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Hyunjong Lee","raw_affiliation_strings":["SANDS Laboratory, Seoul, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"SANDS Laboratory, Seoul, South Korea","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101690799","display_name":"Sooin Kim","orcid":"https://orcid.org/0000-0002-7003-8296"},"institutions":[{"id":"https://openalex.org/I89015989","display_name":"Dankook University","ror":"https://ror.org/058pdbn81","country_code":"KR","type":"education","lineage":["https://openalex.org/I89015989"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Sooin Kim","raw_affiliation_strings":["Department of Software Science, Dankook University, Yongin, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Software Science, Dankook University, Yongin, South Korea","institution_ids":["https://openalex.org/I89015989"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038436376","display_name":"Dong-Heon Baek","orcid":"https://orcid.org/0000-0002-9450-4247"},"institutions":[{"id":"https://openalex.org/I89015989","display_name":"Dankook University","ror":"https://ror.org/058pdbn81","country_code":"KR","type":"education","lineage":["https://openalex.org/I89015989"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Dongheon Baek","raw_affiliation_strings":["Dankook University, Cheonan, South Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Dankook University, Cheonan, South Korea","institution_ids":["https://openalex.org/I89015989"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100448786","display_name":"Dong\u2010Hoon Kim","orcid":"https://orcid.org/0000-0003-1431-8776"},"institutions":[{"id":"https://openalex.org/I125956826","display_name":"Arkansas State University","ror":"https://ror.org/006pyvd89","country_code":"US","type":"education","lineage":["https://openalex.org/I125956826"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Donghoon Kim","raw_affiliation_strings":["Department of Computer Science, Arkansas State University, Jonesboro, AR, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Arkansas State University, Jonesboro, AR, USA","institution_ids":["https://openalex.org/I125956826"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5014175226","display_name":"Doosung Hwang","orcid":"https://orcid.org/0000-0003-1840-9296"},"institutions":[{"id":"https://openalex.org/I89015989","display_name":"Dankook University","ror":"https://ror.org/058pdbn81","country_code":"KR","type":"education","lineage":["https://openalex.org/I89015989"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Doosung Hwang","raw_affiliation_strings":["Department of Software Science, Dankook University, Yongin, South Korea"],"raw_orcid":"https://orcid.org/0000-0003-1840-9296","affiliations":[{"raw_affiliation_string":"Department of Software Science, Dankook University, Yongin, South Korea","institution_ids":["https://openalex.org/I89015989"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":6.8202,"has_fulltext":true,"cited_by_count":37,"citation_normalized_percentile":{"value":0.97882877,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":"11","issue":null,"first_page":"18855","last_page":"18867"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9775999784469604,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/opcode","display_name":"Opcode","score":0.9884993433952332},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8489075899124146},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.7743345499038696},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.6110035181045532},{"id":"https://openalex.org/keywords/support-vector-machine","display_name":"Support vector machine","score":0.5701037049293518},{"id":"https://openalex.org/keywords/decision-tree","display_name":"Decision tree","score":0.5274037718772888},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5160545706748962},{"id":"https://openalex.org/keywords/precision-and-recall","display_name":"Precision and recall","score":0.4876617193222046},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.4617718458175659},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.39293360710144043},{"id":"https://openalex.org/keywords/pattern-recognition","display_name":"Pattern recognition (psychology)","score":0.3874279856681824},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.12134885787963867}],"concepts":[{"id":"https://openalex.org/C52173422","wikidata":"https://www.wikidata.org/wiki/Q766483","display_name":"Opcode","level":2,"score":0.9884993433952332},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8489075899124146},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.7743345499038696},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.6110035181045532},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.5701037049293518},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.5274037718772888},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5160545706748962},{"id":"https://openalex.org/C81669768","wikidata":"https://www.wikidata.org/wiki/Q2359161","display_name":"Precision and recall","level":2,"score":0.4876617193222046},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.4617718458175659},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.39293360710144043},{"id":"https://openalex.org/C153180895","wikidata":"https://www.wikidata.org/wiki/Q7148389","display_name":"Pattern recognition (psychology)","level":2,"score":0.3874279856681824},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.12134885787963867},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2023.3247344","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3247344","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10049419.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:3f380faf63e14da18efcbd349b9c9a13","is_oa":true,"landing_page_url":"https://doaj.org/article/3f380faf63e14da18efcbd349b9c9a13","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 11, Pp 18855-18867 (2023)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2023.3247344","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2023.3247344","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/10005208/10049419.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G7569628515","display_name":null,"funder_award_id":"2019-0-00197","funder_id":"https://openalex.org/F4320335489","funder_display_name":"Institute for Information and Communications Technology Promotion"}],"funders":[{"id":"https://openalex.org/F4320328359","display_name":"Ministry of Science and ICT, South Korea","ror":"https://ror.org/01wpjm123"},{"id":"https://openalex.org/F4320335489","display_name":"Institute for Information and Communications Technology Promotion","ror":"https://ror.org/01g0hqq23"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4322730960.pdf","grobid_xml":"https://content.openalex.org/works/W4322730960.grobid-xml"},"referenced_works_count":48,"referenced_works":["https://openalex.org/W1518563014","https://openalex.org/W1967868143","https://openalex.org/W2056107175","https://openalex.org/W2105103777","https://openalex.org/W2115771393","https://openalex.org/W2125011234","https://openalex.org/W2139874739","https://openalex.org/W2150423842","https://openalex.org/W2242648860","https://openalex.org/W2378208052","https://openalex.org/W2586432806","https://openalex.org/W2599823825","https://openalex.org/W2620760558","https://openalex.org/W2733765803","https://openalex.org/W2736972628","https://openalex.org/W2788864200","https://openalex.org/W2791258732","https://openalex.org/W2806076636","https://openalex.org/W2897024610","https://openalex.org/W2902209387","https://openalex.org/W2913493033","https://openalex.org/W2924196523","https://openalex.org/W2949992015","https://openalex.org/W2961099251","https://openalex.org/W2962802821","https://openalex.org/W2982596671","https://openalex.org/W2988961468","https://openalex.org/W3015301903","https://openalex.org/W3016048014","https://openalex.org/W3027431742","https://openalex.org/W3028311012","https://openalex.org/W3094174376","https://openalex.org/W3113371616","https://openalex.org/W3131954256","https://openalex.org/W3154291614","https://openalex.org/W3186080995","https://openalex.org/W3213407076","https://openalex.org/W4206724648","https://openalex.org/W4220985538","https://openalex.org/W4226019100","https://openalex.org/W4238357093","https://openalex.org/W4280610250","https://openalex.org/W4281398200","https://openalex.org/W4294672390","https://openalex.org/W4295928027","https://openalex.org/W6637397297","https://openalex.org/W6748641434","https://openalex.org/W6794840795"],"related_works":["https://openalex.org/W36091977","https://openalex.org/W4382794599","https://openalex.org/W2800331776","https://openalex.org/W2903602818","https://openalex.org/W2003791967","https://openalex.org/W4387382577","https://openalex.org/W3016048014","https://openalex.org/W4294976063","https://openalex.org/W2902612505","https://openalex.org/W2765921396"],"abstract_inverted_index":{"Technology":[0],"advancements":[1],"have":[2,174,181],"led":[3],"to":[4,23,45,88,100,131],"the":[5,113,184],"use":[6],"of":[7,9,37,41,109,116,196],"millions":[8],"IoT":[10,13,29,48,79,197],"devices.":[11],"However,":[12],"devices":[14],"are":[15,93,104,188],"being":[16,32],"exploited":[17],"as":[18,157],"an":[19,175],"entry":[20],"point":[21],"due":[22],"security":[24],"flaws":[25],"by":[26,124],"resource":[27],"constraints.":[28],"malware":[30,49,58,170,198],"is":[31,44,84],"discovered":[33],"in":[34,129],"a":[35,107,126],"variety":[36],"types.":[38],"The":[39,77,91,166,179],"purpose":[40],"this":[42,82],"study":[43,83],"investigate":[46],"whether":[47,56],"can":[50,61,121],"be":[51,62,122],"detected":[52],"from":[53],"benign":[54],"and":[55,67,112,147,150,164,172,190,199],"various":[57,140,153],"family":[59],"types":[60,195],"classified.":[63],"We":[64,134],"propose":[65],"fixed-length":[66],"low-dimensional":[68],"features":[69,120,138,185],"using":[70,106,125],"opcode":[71,87,110,117],"category":[72],"information":[73],"on":[74,139],"ML":[75,141],"models.":[76],"binary":[78],"dataset":[80],"for":[81,169,192],"converted":[85],"into":[86,95],"create":[89],"features.":[90],"opcodes":[92],"categorized":[94],"6":[96],"or":[97],"11":[98],"according":[99],"their":[101],"functionality.":[102],"Features":[103],"created":[105],"sequence":[108],"categories":[111],"entropy":[114],"values":[115],"categories.":[118],"These":[119],"visualized":[123],"2D":[127],"image":[128],"order":[130],"observe":[132],"patterns.":[133],"evaluate":[135],"our":[136],"proposed":[137,187],"models":[142],"(5-NN,":[143],"SVM,":[144],"Decision":[145],"Tree,":[146],"Random":[148],"Forest)":[149],"MLP":[151],"with":[152],"performance":[154,167],"metrics,":[155],"such":[156],"Accuracy,":[158],"Precision,":[159],"Recall,":[160],"F1-score,":[161],"MCC,":[162],"AUC-ROC,":[163],"AUC-PR.":[165],"results":[168],"detection":[171],"classification":[173],"accuracy":[176],"over":[177],"98.0%.":[178],"experiments":[180],"demonstrated":[182],"that":[183],"we\u2019ve":[186],"effective":[189],"robust":[191],"identifying":[193],"different":[194],"benign.":[200]},"counts_by_year":[{"year":2026,"cited_by_count":4},{"year":2025,"cited_by_count":18},{"year":2024,"cited_by_count":13},{"year":2023,"cited_by_count":2}],"updated_date":"2026-06-13T07:54:00.901334","created_date":"2025-10-10T00:00:00"}