A survey of IoT malware and detection methods based on static features

Due to a lack of security design as well as the specific characteristics of IoT devices such as the heterogeneity of processor architecture, IoT malware detection has to deal with very unique challenges, especially on detecting cross-architecture IoT malware. Therefore, the IoT malware detection domain is the focus of research by the security community in recent years. There are many studies taking advantage of well-known dynamic or static analysis for detecting IoT malware; however, static-based methods are more effective when addressing the multi-architecture issue. In this paper, we give a thorough survey of static IoT malware detection. We first introduce the definition, evolution and security threats of IoT malware. Then, we summarize, compare and analyze existing IoT malware detection methods proposed in recent years. Finally, we carry out exactly the methods of existing studies based on the same IoT malware dataset and an experimental configuration to evaluate objectively and increasing the reliability of these studies in detecting IoT malware.