Affiliation:
1. Centro Estadual de Educação Tecnológica Paula Souza (CEETPS), São Paulo, Brazil
Abstract
Malware presents a significant threat to computer systems security, especially in ARM and MIPS architectures, driven by the rise of the Internet of Things (IoT). This paper introduces Heimdall, a hybrid approach that integrates YARA signatures and machine learning in programmable switches for efficient malware detection in SDN-enabled IoT environments. The machine learning classifier achieved an accuracy of 99.33% against the IoT-23 dataset. When evaluated in an emulated environment with real malware samples, Heimdall exhibits a 98.44% detection rate and an average processing time of 0.0217 s.