NURSE: eNd-UseR IoT malware detection tool for Smart homEs

A.A.L. d' Estalenx, C. Hernandez Ganan

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

19 Downloads (Pure)


IoT devices keep entering our homes with the promise of delivering more services and enhancing user experience; however, these new devices also carry along an alarming number of vulnerabilities and security issues. In most cases, the users of these devices are completely unaware of the security risks that connecting these devices entail. Current tools do not provide users with essential security information such as whether a device is infected with malware. Traditional techniques to detect malware infections were not meant to be used by the end-user and current malware removal tools and security software cannot handle the heterogeneity of IoT devices. In this paper, we design, develop, and evaluate a tool, called NURSE, to fill this information gap, i.e., enabling end-users to detect IoT-malware infections in their home networks. NURSE follows a modular approach to analyze IoT traffic as captured by means of an ARP spoofing technique which does not require any network modification or specific hardware. Thus, NURSE provides zero-configuration IoT traffic analysis within everybody's reach. After testing NURSE in 83 different IoT network scenarios with a wide variety of IoT device types, results show that NURSE identifies malware-infected IoT devices with high-accuracy (86.7%) using device network behaviour and contacted destinations.

Original languageEnglish
Title of host publication11th International Conference on the Internet of Things, IoT 2021 - Conference Proceedings
PublisherAssociation for Computing Machinery (ACM)
Number of pages9
ISBN (Electronic)9781450385664
Publication statusPublished - 2021
Event1th International Conference on the Internet of Things, IoT2021 - St. Gallen, Switzerland
Duration: 8 Nov 202111 Nov 2021

Publication series

NameACM International Conference Proceeding Series


Conference1th International Conference on the Internet of Things, IoT2021
Abbreviated titleIoT2021
CitySt. Gallen
Internet address


Dive into the research topics of 'NURSE: eNd-UseR IoT malware detection tool for Smart homEs'. Together they form a unique fingerprint.

Cite this