Aposemat IoT IRC Malware Detection with Machine Learning

The field of the Internet of Things (IoT) is growing every day, and its vulnerabilities, together with an increasing number of malicious attacks, represent a severe threat to millions of users around the globe. IoT threat actors have a wide range of protocols at their disposal, and one of them is Internet Relay Chat (IRC). IRC facilitates communication in the form of text and is designed for group communication in channels. In our research, we propose a technique for detecting malicious IRC communications in the network. We use network traffic from malicious and non-malicious captures to extract the IRC connections. We manually extract and compute a set of features, from which we create multiple models using different machine learning methods, and compare the models with one another.