On the feasibility of online malware detection with performance counters
2013
SIGARCH Computer Architecture News
In this paper, we examine the feasibility of building a malware detector in hardware using existing performance counters. ...
Combined, the robustness and security of hardware AV techniques have the potential to advance state-of-the-art online malware detection. ...
Martha Kim and members of the Computer Architecture and Security Technologies Lab (CASTL) at Columbia University for their feedback on this work. ...
doi:10.1145/2508148.2485970
fatcat:5sfjatolvfdqjjvhbwdntkekia
On the feasibility of online malware detection with performance counters
2013
Proceedings of the 40th Annual International Symposium on Computer Architecture - ISCA '13
In this paper, we examine the feasibility of building a malware detector in hardware using existing performance counters. ...
Combined, the robustness and security of hardware AV techniques have the potential to advance state-of-the-art online malware detection. ...
Martha Kim and members of the Computer Architecture and Security Technologies Lab (CASTL) at Columbia University for their feedback on this work. ...
doi:10.1145/2485922.2485970
dblp:conf/isca/DemmeMSTWSS13
fatcat:vod7bc4xavg3dhinke4ddq2i5i
pAElla: Edge-AI based Real-Time Malware Detection in Data Centers
2020
IEEE Internet of Things Journal
The method -- called pAElla -- targets real-time Malware Detection (MD), it runs on an out-of-band IoT-based monitoring system for DCs/SCs, and involves Power Spectral Density of power measurements, along ...
We compare our method with State-of-the-Art MD techniques and show that, in the context of DCs/SCs, pAElla can cover a wider range of malware, significantly outperforming SoA approaches in terms of accuracy ...
RELATED WORK Perf-Counters-based MD: In recent years, several works in the literature focused on the usage of performance counters for Anomaly and Malware Detection. ...
doi:10.1109/jiot.2020.2986702
fatcat:i2kmmztnfvdmjfl2ksanpvok6i
Unsupervised Anomaly-based Malware Detection using Hardware Features
[article]
2014
arXiv
pre-print
We use unsupervised machine learning to build profiles of normal program execution based on data from performance counters, and use these profiles to detect significant deviations in program behavior that ...
We show that real-world exploitation of popular programs such as IE and Adobe PDF Reader on a Windows/x86 platform can be detected with nearly perfect certainty. ...
The idea is to use information easily available in hardware (typically through performance counters) to detect malware. ...
arXiv:1403.1631v2
fatcat:ozxpdxdjmfbojgjfzczboxfdj4
Ensemble Learning for Low-Level Hardware-Supported Malware Detection
[chapter]
2015
Lecture Notes in Computer Science
Recent work demonstrated hardware-based online malware detection using only low-level features. ...
Critical to such a framework is the detection performance of the hardware detector. ...
the paper. ...
doi:10.1007/978-3-319-26362-5_1
fatcat:sgeygkjxsjaelg5d7xa7srczyi
AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware
[chapter]
2015
Lecture Notes in Computer Science
As the techniques for Android malware detection are progressing, malware also fights back through deploying advanced code encryption with the help of Android packers. ...
The unpacked app is then available for being analyzed by common program analysis tools or malware detection systems. ...
Acknowledgments We would like to thank our shepherd, Elias Athanasopoulos, and the anonymous reviewers for their insightful comments that greatly helped improve the manuscript of this paper. ...
doi:10.1007/978-3-319-26362-5_17
fatcat:xoxyebbexncjrhlagqkdje7oxe
Towards Accurate Run-Time Hardware-Assisted Stealthy Malware Detection: A Lightweight, Yet Effective Time Series CNN-Based Approach
2021
Cryptography
The experimental results demonstrate that with the aid of our novel intelligent approach, stealthy malware can be detected at run-time with 94% detection performance on average with only one HPC feature ...
Recently, malware detection based on low-level hardware features (e.g., Hardware Performance Counters (HPCs) information) has emerged as an effective alternative solution to address the complexity and ...
Data Availability Statement: The data presented in this study are available in article.
Conflicts of Interest: The authors declare no conflict of interest. ...
doi:10.3390/cryptography5040028
fatcat:tdgn54ormvf4tidbwzajazjwky
Adversarial Deep Learning for Robust Detection of Binary Encoded Malware
[article]
2018
arXiv
pre-print
We evaluate the effectiveness of the methods and others in the literature on a set of Portable Execution (PE) files. ...
Malware is constantly adapting in order to avoid detection. ...
On the other hand, with gradient-based methods, we aim to introduce adversarial malware versions in an online manner based on their difficulty in terms of model accuracy. ...
arXiv:1801.02950v3
fatcat:3u2muftet5hr5c3lisdygfpnoa
Analyzing Machine Learning Approaches for Online Malware Detection in Cloud
[article]
2021
arXiv
pre-print
In this paper, we present online malware detection based on process level performance metrics, and analyze the effectiveness of different baseline machine learning models including, Support Vector Classifier ...
Our analysis concludes that neural network models can most accurately detect the impact malware has on the process level features of virtual machines in the cloud, and therefore are best suited to detect ...
Online malware detection [5]-[8] focuses on the behavior of a machine that it is trying to protect from malware. ...
arXiv:2105.09268v1
fatcat:hkf6b55bxvh2jddcwhq6g3q4yu
Shadow attacks: automatically evading system-call-behavior based malware detection
2011
Journal in Computer Virology
Traditional signature-based detection technique is hard to catch up with latest malware or unknown malware. ...
To demonstrate the feasibility of this attack, we have developed a compiler-level prototype tool, AutoShadow, to automatically generate shadow-process version of malware given the source code of original ...
Effectiveness Test via Online Analysis We compare detection results of a single-process based malware with that of the transformed multiple processes. ...
doi:10.1007/s11416-011-0157-5
fatcat:v6jjw3chrbgyhegkwyskmuozjq
Unsupervised Anomaly-Based Malware Detection Using Hardware Features
[chapter]
2014
Lecture Notes in Computer Science
Recent works have shown promise in detecting malware programs based on their dynamic microarchitectural execution patterns. ...
These data can be collected at low overheads using widely available hardware performance counters (HPC) in modern processors. ...
Opinions, findings, conclusions and recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the US Government or commercial entities. ...
doi:10.1007/978-3-319-11379-1_6
fatcat:67z7oo2r5rge7b63tvkmdfmnym
Botnet Detection on the Analysis of Zeus Panda Financial Botnet
2019
International Journal of Engineering and Advanced Technology
As opposed to DDoS and spam malware, the stealthy idea of monetary botnets requires new methods and modern research with a specific end goal to detect, analyze and even to receive them down. ...
The system demonstrated powerful when trialed against various samples of the notable malware Zeus panda and was confirmed further by analysis controlled with the financially. The proposed framework depends ...
According the researchers, the Zeus financial Trojan was progressive in a few regards: • It was the initial malware to perform web injections. • It fabricated one of the greatest botnets ever, with a bank ...
doi:10.35940/ijeat.f7941.088619
fatcat:h2z7tz2a5rbk7ibkbgszfrxah4
Deep Neural Network and Transfer Learning for Accurate Hardware-Based Zero-Day Malware Detection
2022
Proceedings of the Great Lakes Symposium on VLSI 2022
HMD techniques apply standard Machine Learning (ML) algorithms to the processors' low-level events collected from Hardware Performance Counter (HPC) registers. ...
However, despite obtaining promising results for detecting known malware, the challenge of accurate zero-day (unknown) malware detection has remained an unresolved problem in existing HPC-based countermeasures ...
detecting the unknown malware patterns with a high detection performance and low false positive rate. ...
doi:10.1145/3526241.3530326
fatcat:iwkqadkqnbb2ddiw2dpumxdbgm
Adversarial Deep Learning for Robust Detection of Binary Encoded Malware
2018
2018 IEEE Security and Privacy Workshops (SPW)
We evaluate the effectiveness of the methods and others in the literature on a set of Portable Execution (PE) files. ...
Malware is constantly adapting in order to avoid detection. ...
ACKNOWLEDGMENT This work was supported by the MIT-IBM Watson AI Lab and CSAIL CyberSecurity Initiative. ...
doi:10.1109/spw.2018.00020
dblp:conf/sp/Al-DujailiHHO18
fatcat:wf6ptin53bcyrkfwkxgjzur7cy
ML-based IoT Malware Detection Under Adversarial Settings: A Systematic Evaluation
[article]
2021
arXiv
pre-print
This continuous trend motivates the large body of literature on malware analysis and detection research, with many systems emerging constantly, and outperforming their predecessors. ...
The rapid growth of the Internet of Things (IoT) devices is paralleled by them being on the front-line of malicious attacks. ...
Malware Detection Prior works have shown the potential and feasibility of ML to detect malware with more than 99% accuracy [7], [12]-[17]. ...
arXiv:2108.13373v1
fatcat:zz3haicdb5faxoxaq2h2hh6gmu