SIMBIoTA-Cloud: A Hybrid Approach for Improving Malware Detection on IoT Devices
The Internet-of-Things (IoT) consists of embedded computers connected to each other and to the Internet, and it forms the basis of innovative new applications in different domains, such as smart homes, smart factories, intelligent transportation systems, precision agriculture, and personalized health care. However, besides its advantages, it also poses security risks. One specific security problem is that embedded IoT devices can be infected by malware, endangering the trustworthiness of IoT systems. Moreover, malware-infected IoT devices can be organized into IoT botnets and used to attack Internet-based services.
Recently, the CrySyS Lab of BME proposed a lightweight malware detection approach that resource-constrained IoT devices can use to protect themselves against malware. This solution, called SIMBIoTA, uses a back-end service that periodically computes a signature database, which IoT devices then download and use locally to detect malware. The goal of this project is to study a hybrid approach in which local detection is complemented, in some cases, by outsourcing detection to the back-end.
The tasks of the student are:
- to design the aforementioned hybrid algorithm;
- to analyze the hybrid algorithm in terms of the trade-offs between its detection performance, its detection time, and its memory requirement on the IoT device;
- to propose a search strategy that may potentially reduce the detection time at the back-end;
- to analyze the proposed search strategy by comparing it to naïve linear search and to a binary search approach proposed in the literature.