查看文章

In the era of rapid network development, IoT devices are being deployed more and more widely, and various kinds of malware programs are gradually appearing at the deployment level. As a widely adopted static analysis approach, structure based analysis such as graph embedding can capture the semantic features of malware binaries and has received much research attention. In this paper, to further improve the robustness of the graph embedding approaches to IoT malware detection, we propose a novel method that incorporates both local and global characterizing features extracted from Function-Call Graphs (FCG) to perform the detection. The caller-callee relationship represents the local semantic features, and the global statistic feature represents the graph’s structural characteristics. The performance of the proposed method is evaluated on a largescale dataset consisting of 112K malware and 89k …