@inproceedings{7116a596183e4fa0a15e46c1454b55bd,
title = "Towards moving target defense for IoT malware detection",
abstract = "Machine learning (ML) techniques show promise in malware defense for the Internet of Things (IoT), but are vulnerable to tailored adversarial attacks. Moving Target Defense (MTD) is a security strategy that actively raises the cost to the attacker of a potential attack by changing the target{\textquoteright}s characteristics, preventing attackers from profiling the target. In this work we explore the potential for using MTD for IoT malware detection. Applying MTD to protect ML malware detection involves continuously changing the malware classification models, defeating attempts to profile the models. We research the state-of-the-art literature that uses an MTD-style strategy to increase ML model security. We identify two techniques: 'Naive MTD', which cycles between static models, and 'Full MTD', which refreshes models at runtime and is therefore more effective. Focusing on the studies in the ML literature that use Full MTD for adversarial robustness, we examine their approach, assessing features such as discard policy, decision-making and model updating schedule. We make a number of recommendations on development of a Full MTD strategy for ML IoT malware detection.",
keywords = "Moving target defense, Malware, Internet of things, Malware defense, [ComputerScience]",
author = "Ita Ryan and Luke Kurlandski and Nate Mathews",
note = "{\textcopyright} 2026, the owner/author(s). This work is licensed under a Creative Commons Attribution 4.0 International License. ",
year = "2026",
month = apr,
day = "12",
doi = "10.1145/3786159.3788477",
language = "English (Ireland)",
series = "SERP4IoT",
publisher = "Association for Computing Machinery (ACM)",
pages = "1--8",
booktitle = "Proceedings of the 8th International Workshop on Software Engineering Research and Practices for the IoT (SERP4IoT {\textquoteright}26)",
}