Byte to image mapping: A new paradigm for Malware Detection in internet of Things Devices

Abstract

With the rapid expansion of Internet of Things (IoT) devices, the number of connected devices worldwide is projected to exceed 29 billion by 2030, while reports indicate that over 57% of these devices remain vulnerable to malware attacks. This surge in interconnected systems demands robust and scalable detection mechanisms to safeguard against evolving cyber threats. Existing malware detection approaches often suffer from high false positive rates and limited adaptability to the diverse architectures of IoT devices, making them less effective in real-time environments. This work introduces a novel Byte-toImage mapping framework for malware detection, transforming raw binary files into grayscale images for pattern recognition. The proposed methodology begins with comprehensive image preprocessing to normalize and enhance structural features of malware patterns. Traditional machine learning models, including Linear Discriminant Analysis (LDA), Quadratic Discriminant Analysis (QDA), and Support Vector Machine (SVM), are evaluated for baseline performance. To enhance detection accuracy and feature discrimination, we propose a hybrid approach where image features are extracted using the deep learning model VGG19 and then classified using an Extra Trees Classifier (ETC). This combination leverages VGG19’s hierarchical feature extraction capability with ETC’s robustness in handling highdimensional data, resulting in a highly accurate and computationally efficient detection system. Experimental results demonstrate that the proposed model outperforms traditional methods, offering improved precision and recall for both Normal and Malware classifications, making it a promising solution for securing IoT ecosystems.