Classifying IoT firmware security threats using image analysis and deep learning

Abstract

As the internet of things (IoT) grows, its embedded devices face increasing vulnerability to firmware-based attacks. The lack of robust security mechanisms in IoT devices makes them susceptible to malicious firmware updates, potentially compromising entire networks. This study addresses the classification of IoT firmware security threats using deep learning and image-based analysis techniques. A publicly available dataset of 32×32 grayscale images, derived from IoT firmware samples and categorized as benignware, hackware, and malware, was utilized. The grayscale images were converted into three-channel RGB format to ensure compatibility with convolutional neural networks (CNNs). We tested multiple pre-trained CNN architectures, including SqueezeNet, ShuffleNet, MobileNet, Xception, and ResNet50, employing transfer learning to adapt the models for this classification task. Both ResNet50 and ShuffleNet achieved exceptional performance, with 100% accuracy, precision, recall, and F1-score. These results validate the effectiveness of our methodology in leveraging transfer learning for IoT firmware classification while maintaining computational efficiency, making it suitable for deployment in resource-constrained IoT environments. T