Skip to main content

Research Repository

Advanced Search

Toward Machine Intelligence that Learns to Fingerprint Polymorphic Worms in IoT

Wang, Fangwei; Yang, Shaojie; Wang, Changguang; Li, Qingru; Babaagba, Kehinde; Tan, Zhiyuan


Fangwei Wang

Shaojie Yang

Changguang Wang

Qingru Li


Internet of Things (IoT) is fast growing. Non-PC devices under the umbrella of IoT have been increasingly applied in various fields and will soon account for a significant share of total Internet traffic. However, the security and privacy of IoT and its devices have been challenged by malware, particularly polymorphic worms that rapidly self-propagate once being launched and vary their appearance over each infection to escape from the detection of signature-based intrusion detection systems. It is well recognized that polymorphic worms are one of the most intrusive threats to IoT security. To build an effective, strong defense for IoT networks against polymorphic worms, this research proposes a machine intelligent system, termed Gram-Restricted Boltzmann Machine (Gram-RBM), which automatically generates generic fingerprints/signatures for the polymorphic worm. Two augmented N-gram based methods are designed and applied in derivation of polymorphic worm
sequences, also known as fingerprints/signatures. These derived sequences are then optimized using the Gaussian-Bernoulli RBM dimension reduction algorithm. The results, gained from the experiments involved three different types of polymorphic
worms, show that the system generates accurate fingerprints/signatures even under "noisy" conditions and outperforms related methods in terms of accuracy and efficiency.


Wang, F., Yang, S., Wang, C., Li, Q., Babaagba, K., & Tan, Z. (2022). Toward Machine Intelligence that Learns to Fingerprint Polymorphic Worms in IoT. International Journal of Intelligent Systems, 37(10), 7058-7078.

Journal Article Type Article
Acceptance Date Feb 22, 2022
Online Publication Date Mar 27, 2022
Publication Date 2022-10
Deposit Date Aug 16, 2020
Publicly Available Date Mar 28, 2023
Print ISSN 0884-8173
Publisher Wiley
Peer Reviewed Peer Reviewed
Volume 37
Issue 10
Pages 7058-7078
Keywords polymorphic worm; signature generation; N-gram; worm detection; IoT network
Public URL


You might also like

Downloadable Citations