IOT-MDEDTL: IoT Malware Detection based on Ensemble Deep Transfer Learning

  • Qasim Khlaif Kadhim
  • Ahmed Qassem Ali Sharhan Al-Sudani
  • Inas Amjed Almani
  • Tawfeeq Alghazali
  • Hasan Khalid Dabis
  • Atheer Taha Mohammed
  • Saad Ghazi Talib
  • Rawnaq Adnan Mahmood
  • Zahraa Tariq Sahi
  • Yaqeen S. Mezaal
Keywords: malware detection, convolutional neural networks, transfer learning, ensemble learning, deep learning


The internet of things (IoT) is a promising expansion of the traditional Internet, which provides the foundation for millions of devices to interact with each other. IoT enables these smart devices, such as home appliances, different types of vehicles, sensor controllers, and security cameras, to share information, and this has been successfully done to enhance the quality of user experience. IoT-based mediums in day-to-day life are, in fact, minuscule computational resources, which are adjusted to be thoroughly domain-specific. As a result, monitoring and detecting various attacks on these devices becomes feasible. As the statistics prove, in the Mirai and Brickerbot botnets, Distributed Denial-of-Service (DDoS) attacks have become increasingly ubiquitous. To ameliorate this, in this paper, we propose a novel approach for detecting IoT malware from the preprocessed binary data using transfer learning. Our method comprises two feature extractors, named ResNet101 and VGG16, which learn to classify input data as malicious and non-malicious. The input data is built from preprocessing and converting the binary format of data into gray-scale images. The feature maps obtained from these two models are fused together to further be classified. Extensive experiments exhibit the efficiency of the proposed approach in a well-known dataset, achieving the accuracy, precision, and recall of 96.31%, 95.31%, and 94.80%, respectively.


[1] Salman O, Elhajj I, Chehab A, Kayssi A, “IoT survey: An SDN and fog computing perspective” Computer Networks. 2018 Oct 9;143:221-46.
[2] Talal H, Zagrouba R, “MADS Based on DL Techniques on the Internet of Things (IoT): Survey” Electronics. 2021 Oct 24;10(21):2598.
[3] Bagane P, Joseph SG, Singh A, Shrivastava A, Prabha B, Shrivastava A, “Classification of Malware using Deep Learning Techniques. In2021 9th International Conference on Cyber and IT Service Management (CITSM)” 2021 Sep 22 (pp. 1-7). IEEE.
[4] Maraveas C, Piromalis D, Arvanitis KG, Bartzanas T, Loukatos D, “Applications of IoT for optimized greenhouse environment and resources management” Computers and Electronics in Agriculture. 2022 Jul 1;198:106993.
[5] Mohindru V, Vashishth S, Bathija D, “Internet of Things (IoT) for Healthcare Systems: A Comprehensive Survey” Recent Innovations in Computing. 2022:213-29.
[6] Phasinam K, Kassanuk T, Shinde PP, Thakar CM, Sharma DK, Mohiddin M, Rahmani AW, “Application of IoT and cloud computing in automation of agriculture irrigation” Journal of Food Quality. 2022 Jan 18;2022.
[7] Wu Y, Dai HN, Wang H, Xiong Z, Guo S, “A survey of intelligent network slicing management for industrial IoT: integrated approaches for smart transportation, smart energy, and smart factory” IEEE Communications Surveys & Tutorials. 2022 Mar 10.
[8] Li C, Cao Z, “Lora networking techniques for large-scale and long-term IoT: A down-to-top survey” ACM Computing Surveys (CSUR). 2022 Feb 3;55(3):1-36.
[9] Al-Hadhrami Y, Hussain FK, “DDoS attacks in IoT networks: a comprehensive systematic literature review” World Wide Web. 2021 May;24(3):971-1001.
[10] Liang X, Kim Y, “A survey on security attacks and solutions in the IoT network” In2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC) 2021 Jan 27 (pp. 0853-0859). IEEE.
[11] Mishra N, Pandya S, “Internet of things applications, security challenges, attacks, intrusion detection, and future visions: A systematic review” IEEE Access. 2021 Apr 15;9:59353-77.
[12] Bahaa A, Abdelaziz A, Sayed A, Elfangary L, Fahmy H, “Monitoring real-time security attacks for IoT systems using DevSecOps: a systematic literature review” Information. 2021 Apr 7;12(4):154.
[13] Raju AD, Abualhaol IY, Giagone RS, Zhou Y, Huang S, “A survey on cross-architectural IoT malware threat hunting” IEEE Access. 2021 Jun 22;9:91686-709.
[14] Dahl GE, Stokes JW, Deng L, Yu D, “Large-scale malware classification using random projections and neural networks” In2013 IEEE International Conference on Acoustics, Speech, and Signal Processing 2013 May 26 (pp. 3422-3426). IEEE.
[15] Firdausi I, Erwin A, Nugroho AS, “Analysis of machine learning techniques used in behavior-based malware detection” In2010, second international conference on advances in computing, control, and telecommunication technologies 2010 Dec 2 (pp. 201-203). IEEE.
[16] Nguyen HT, Ngo QD, Le VH, “A novel graph-based approach for IoT botnet detection” International Journal of Information Security. 2020 Oct;19(5):567-77.
[17] Alasmary H, Khormali A, Anwar A, Park J, Choi J, Abusnaina A, Awad A, Nyang D, Mohaisen A, “Analyzing and detecting emerging Internet of Things malware: A graph-based approach” IEEE Internet of Things Journal. 2019 Jul 1;6(5):8977-88.
[18] Majid AA, Alshaibi AJ, Kostyuchenko E, Shelupanov A, “A review of artificial intelligence-based malware detection using deep learning” Materials Today: Proceedings. 2021 Jul 21.
[19] Fukushima, K, “Neocognitron: a self-organizing neural network model for a mechanism of pattern recognition unafected by shift in position” Biol. Cybern. 36, 193–202 (1980)
[20] Ouhami M, Hafiane A, Es-Saady Y, El Hajji M, Canals R, “Computer vision, IoT and data fusion for crop disease detection using machine learning: A survey and ongoing research” Remote Sensing. 2021 Jun 25;13(13):2486.
[21] Ouhami M, Hafiane A, Es-Saady Y, El Hajji M, Canals R, “Computer vision, IoT and data fusion for crop disease detection using machine learning: A survey and ongoing research” Remote Sensing. 2021 Jun 25;13(13):2486.
[22] Zaidi SS, Ansari MS, Aslam A, Kanwal N, Asghar M, Lee B, “A survey of modern deep learning based object detection models” Digital Signal Processing. 2022 Mar 8:103514.
[23] Yang G, Ye Z, Zhang R, Huang K, “A comprehensive survey of zero-shot image classification: methods, implementation, and fair evaluation” Applied Computing and Intelligence. 2022;2(1):1-31.
[24] Rasti B, Chang Y, Dalsasso E, Denis L, Ghamisi P, “Image restoration for remote sensing: Overview and toolbox” arXiv preprint arXiv:2107.00557. 2021 Jul 1.
[25] Jaiswal T, “Image captioning through cognitive IOT and machine-learning approaches” Turkish Journal of Computer and Mathematics Education (TURCOMAT). 2021 Apr 24;12(9):333-51.
[26] Nourani V, Molajou A, Najafi H, Danandeh Mehr A, “Emotional ANN (EANN): a new generation of neural networks for hydrological modeling in IoT” InArtificial intelligence in IoT 2019 (pp. 45-61). Springer, Cham.
[27] Xu R, Lv P, Xu F, Shi Y, “A survey of approaches for implementing optical neural networks” Optics & Laser Technology. 2021 Apr 1;136:106787.
[28] Gunavathi C, Sivasubramanian K, Keerthika P, Paramasivam C, “A review on convolutional neural network based deep learning methods in gene expression data for disease diagnosis” Materials Today: Proceedings. 2021 Jan 1;45:2282-5.
[29] Sarker IH, “Deep cybersecurity: a comprehensive overview from neural network and deep learning perspective” SN Computer Science. 2021 May;2(3):1-6.
[30] He K, Zhang X, Ren S, Sun J, “Deep residual learning for image recognition” InProceedings of the IEEE conference on computer vision and pattern recognition 2016 (pp. 770-778).
[31] Simonyan K, Zisserman A, “Very deep convolutional networks for large-scale image recognition” arXiv preprint arXiv:1409.1556. 2014 Sep 4.
[32] Li B, Lima D, “Facial expression recognition via ResNet-50” International Journal of Cognitive Computing in Engineering. 2021 Jun 1;2:57-64.
[33] Lu L, Jin P, Pang G, Zhang Z, Karniadakis GE, “Learning nonlinear operators via DeepONet based on the universal approximation theorem of operators” Nature Machine Intelligence. 2021 Mar;3(3):218-29.
[34] Roelofs R, Shankar V, Recht B, Fridovich-Keil S, Hardt M, Miller J, Schmidt L, “A meta-analysis of overfitting in machine learning” Advances in Neural Information Processing Systems. 2019;32.
[35] Chen CT, Gu GX, “Generative deep neural networks for inverse materials design using backpropagation and active learning” Advanced Science. 2020 Mar;7(5):1902607.
[36] Liu T, Chen M, Zhou M, Du SS, Zhou E, Zhao T, “Towards understanding the importance of shortcut connections in residual networks” Advances in neural information processing systems. 2019;32.
[37] Seo S, Rim DJ, Lim M, Lee D, Park H, Oh J, Kim C, Kim JH, “Shortcut connections based deep speaker embeddings for end-to-end speaker verification system” system. 2019;13(15):17.
[38] Sitaula C, Hossain MB, “Attention-based VGG-16 model for COVID-19 chest X-ray image classification” Applied Intelligence. 2021 May;51(5):2850-63.
[39] Krizhevsky A, Sutskever I, Hinton GE, “Imagenet classification with deep convolutional neural networks” Advances in neural information processing systems. 2012;25.
[40] Zhuang F, Qi Z, Duan K, Xi D, Zhu Y, Zhu H, Xiong H, He Q, “A comprehensive survey on transfer learning” Proceedings of the IEEE. 2020 Jul 7;109(1):43-76.
[41] Neyshabur B, Sedghi H, Zhang C, “What is being transferred in transfer learning?” Advances in neural information processing systems. 2020;33:512-23.
[42] F. Shahzad, M. Farooq, Elf-miner, “Using structural knowledge and data mining methods to detect new (linux malicious executables” Knowledge and Information Systems, vol. 30, no. 3, pp. 589-612, 2012
[43] Phu, T.N., Hoang, L.H., Toan, N.N., Tho, N.D. and Binh, N.N., CFDVex, “A Novel Feature Extraction Method for Detecting Cross-Architecture IoT Malware” In Proceedings of the Tenth International Symposium on Information and Communication Technology, pp. 248-254, 2019.
[44] Jiawei Su, Danilo Vasconcellos Vargas, Sanjiva Prasad, Daniele Sgandurra, Yaokai Feng, Kouichi Sakurai, “Lightweight Classification of IoT Malware based on Image Recognition” 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC), vol. 2, pp. 664-669, 2018.
[45] Ngo QD, Nguyen HT, Le VH, Nguyen DH, “A survey of IoT malware and detection methods based on static features” ICT Express. 2020 Dec 1;6(4):280-6.
[46] Su J, Vasconcellos DV, Prasad S, Sgandurra D, Feng Y, Sakurai K, “Lightweight classification of IoT malware based on image recognition” In2018 IEEE 42Nd annual computer software and applications conference (COMPSAC) 2018 Jul 23 (Vol. 2, pp. 664-669). IEEE.
How to Cite
Kadhim, Q., Al-Sudani, A. Q. A. S., Almani, I. A., Alghazali, T., Dabis, H. K., Mohammed, A. T., Talib, S. G., Mahmood, R. A., Sahi, Z. T., & Mezaal, Y. (2022). IOT-MDEDTL: IoT Malware Detection based on Ensemble Deep Transfer Learning. Majlesi Journal of Electrical Engineering, 16(3). Retrieved from

Most read articles by the same author(s)