DOI: 10.14569/IJACSA.2026.01702104

Designing an Attack-Vector-Based Taxonomy for IoT Malware

Author 1: Huda Aldawghan
Author 2: Mounir Frikha

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 17 Issue 2, 2026.

Abstract: This study presents a literature-derived, attack-vector-based taxonomy for IoT malware and complements it with an empirical validation using supervised machine learning. Building on prior surveys and taxonomies of IoT security and malware behavior, we synthesize how existing studies implicitly or explicitly describe infection vectors such as credential abuse, exposed services, firmware exploitation, internal lateral movement, and supply-chain compromise. The resulting taxonomy organises IoT malware according to initial entry mechanisms rather than post-compromise capabilities, providing a vector-centric perspective that aligns more naturally with risk assessment and defensive planning. To demonstrate the practical relevance of this taxonomy, we implement a supervised malware detection model operating on Windows Portable Executable (PE) files. Using malware samples collected from public repositories (e.g., VirusShare and MalwareBazaar) and benign executables from open-source projects, we extract structural, statistical, and metadata-based PE features and train an Extreme Gradient Boosting (XGBoost) classifier with Synthetic Minority Over-sampling Technique (SMOTE) for class balancing. The model achieves an accuracy of 98.13% with balanced F1-scores for both malware and benign classes, illustrating that feature-engineered supervised models can effectively support taxonomy-informed detection strategies. The combined conceptual and empirical view highlights how attack-vector taxonomies, IoT threat modeling, and machine learning-based detection can be jointly leveraged to strengthen IoT cyber defense.

Keywords: IoT security; malware taxonomy; attack vectors; cyber threat intelligence; network defense

Huda Aldawghan and Mounir Frikha. “Designing an Attack-Vector-Based Taxonomy for IoT Malware”. International Journal of Advanced Computer Science and Applications (IJACSA) 17.2 (2026). http://dx.doi.org/10.14569/IJACSA.2026.01702104

@article{Aldawghan2026,
title = {Designing an Attack-Vector-Based Taxonomy for IoT Malware},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2026.01702104},
url = {http://dx.doi.org/10.14569/IJACSA.2026.01702104},
year = {2026},
publisher = {The Science and Information Organization},
volume = {17},
number = {2},
author = {Huda Aldawghan and Mounir Frikha}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

Computer Vision Conference (CVC) 2026

21-22 May 2026

Computing Conference 2026

9-10 July 2026

Artificial Intelligence Conference 2026

3-4 September 2026

Future Technologies Conference (FTC) 2026

15-16 October 2026