Malware detection for IoT devices using hybrid system of whitelist and machine learning based on lightweight flow data

For the security of IoT devices, the number and type of devices are generally large, so it is important to collect data efficiently and detect threats in a lightweight way. In this paper, we propose the architecture for malware detection, a method to detect malware using flow information, and a method to decrease the amount of transmission data between the servers in this architecture. We evaluate the performance of malware detection and the amount of data before and after the data reduction. And show that the performance of malware detection is maintained even though the amount of data is reduced.