
On the feasibility of online malware detection with performance counters

John Demme, Matthew Maycock, Jared Schmitz, Adrian Tang, Adam Waksman, Simha Sethumadhavan, Salvatore Stolfo
2013 SIGARCH Computer Architecture News  
In this paper, we examine the feasibility of building a malware detector in hardware using existing performance counters.  ...  Combined, the robustness and security of hardware AV techniques have the potential to advance state-of-the-art online malware detection.  ...  Martha Kim and members of the Computer Architecture and Security Technologies Lab (CASTL) at Columbia University for their feedback on this work.  ... 
doi:10.1145/2508148.2485970 fatcat:5sfjatolvfdqjjvhbwdntkekia

On the feasibility of online malware detection with performance counters

John Demme, Matthew Maycock, Jared Schmitz, Adrian Tang, Adam Waksman, Simha Sethumadhavan, Salvatore Stolfo
2013 Proceedings of the 40th Annual International Symposium on Computer Architecture - ISCA '13  
In this paper, we examine the feasibility of building a malware detector in hardware using existing performance counters.  ...  Combined, the robustness and security of hardware AV techniques have the potential to advance state-of-the-art online malware detection.  ...  Martha Kim and members of the Computer Architecture and Security Technologies Lab (CASTL) at Columbia University for their feedback on this work.  ... 
doi:10.1145/2485922.2485970 dblp:conf/isca/DemmeMSTWSS13 fatcat:vod7bc4xavg3dhinke4ddq2i5i

pAElla: Edge-AI based Real-Time Malware Detection in Data Centers

Antonio Libri, Andrea Bartolini, Luca Benini
2020 IEEE Internet of Things Journal  
The method -- called pAElla -- targets real-time Malware Detection (MD), it runs on an out-of-band IoT-based monitoring system for DCs/SCs, and involves Power Spectral Density of power measurements, along  ...  We compare our method with State-of-the-Art MD techniques and show that, in the context of DCs/SCs, pAElla can cover a wider range of malware, significantly outperforming SoA approaches in terms of accuracy  ...  RELATED WORK Perf-Counters-based MD: In recent years, several works in the literature focused on the usage of performance counters for Anomaly and Malware Detection.  ... 
doi:10.1109/jiot.2020.2986702 fatcat:i2kmmztnfvdmjfl2ksanpvok6i

Unsupervised Anomaly-based Malware Detection using Hardware Features [article]

Adrian Tang, Simha Sethumadhavan, Salvatore Stolfo
2014 arXiv   pre-print
We use unsupervised machine learning to build profiles of normal program execution based on data from performance counters, and use these profiles to detect significant deviations in program behavior that  ...  We show that real-world exploitation of popular programs such as IE and Adobe PDF Reader on a Windows/x86 platform can be detected with nearly perfect certainty.  ...  The idea is to use information easily available in hardware (typically through performance counters) to detect malware.  ... 
arXiv:1403.1631v2 fatcat:ozxpdxdjmfbojgjfzczboxfdj4

Ensemble Learning for Low-Level Hardware-Supported Malware Detection [chapter]

Khaled N. Khasawneh, Meltem Ozsoy, Caleb Donovick, Nael Abu-Ghazaleh, Dmitry Ponomarev
2015 Lecture Notes in Computer Science  
Recent work demonstrated hardware-based online malware detection using only low-level features.  ...  Critical to such a framework is the detection performance of the hardware detector.  ...  the paper.  ... 
doi:10.1007/978-3-319-26362-5_1 fatcat:sgeygkjxsjaelg5d7xa7srczyi

AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware [chapter]

Wenbo Yang, Yuanyuan Zhang, Juanru Li, Junliang Shu, Bodong Li, Wenjun Hu, Dawu Gu
2015 Lecture Notes in Computer Science  
As the techniques for Android malware detection are progressing, malware also fights back through deploying advanced code encryption with the help of Android packers.  ...  The unpacked app is then available for being analyzed by common program analysis tools or malware detection systems.  ...  Acknowledgments We would like to thank our shepherd, Elias Athanasopoulos, and the anonymous reviewers for their insightful comments that greatly helped improve the manuscript of this paper.  ... 
doi:10.1007/978-3-319-26362-5_17 fatcat:xoxyebbexncjrhlagqkdje7oxe

Towards Accurate Run-Time Hardware-Assisted Stealthy Malware Detection: A Lightweight, Yet Effective Time Series CNN-Based Approach

Hossein Sayadi, Yifeng Gao, Hosein Mohammadi Makrani, Jessica Lin, Paulo Cesar Costa, Setareh Rafatirad, Houman Homayoun
2021 Cryptography  
The experimental results demonstrate that with the aid of our novel intelligent approach, stealthy malware can be detected at run-time with 94% detection performance on average with only one HPC feature  ...  Recently, malware detection based on low-level hardware features (e.g., Hardware Performance Counters (HPCs) information) has emerged as an effective alternative solution to address the complexity and  ...  Data Availability Statement: The data presented in this study are available in article. Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/cryptography5040028 fatcat:tdgn54ormvf4tidbwzajazjwky

Adversarial Deep Learning for Robust Detection of Binary Encoded Malware [article]

Abdullah Al-Dujaili and Alex Huang and Erik Hemberg and Una-May O'Reilly
2018 arXiv   pre-print
We evaluate the effectiveness of the methods and others in the literature on a set of Portable Execution (PE) files.  ...  Malware is constantly adapting in order to avoid detection.  ...  On the other hand, with gradient-based methods, we aim to introduce adversarial malware versions in an online manner based on their difficulty in terms of model accuracy.  ... 
arXiv:1801.02950v3 fatcat:3u2muftet5hr5c3lisdygfpnoa

Analyzing Machine Learning Approaches for Online Malware Detection in Cloud [article]

Jeffrey C Kimmell, Mahmoud Abdelsalam, Maanak Gupta
2021 arXiv   pre-print
In this paper, we present online malware detection based on process level performance metrics, and analyze the effectiveness of different baseline machine learning models including, Support Vector Classifier  ...  Our analysis conclude that neural network models can most accurately detect the impact malware have on the process level features of virtual machines in the cloud, and therefore are best suited to detect  ...  Online malware detection [5] - [8] focuses on the behavior of a machine that it is trying to protect from malware.  ... 
arXiv:2105.09268v1 fatcat:hkf6b55bxvh2jddcwhq6g3q4yu

Shadow attacks: automatically evading system-call-behavior based malware detection

Weiqin Ma, Pu Duan, Sanmin Liu, Guofei Gu, Jyh-Charn Liu
2011 Journal in Computer Virology  
Traditional signature-based detection technique is hard to catch up with latest malware or unknown malware.  ...  To demonstrate the feasibility of this attack, we have developed a compiler-level prototype tool, AutoShadow, to automatically generate shadow-process version of malware given the source code of original  ...  Effectiveness Test via Online Analysis We compare detection results of a single-process based malware with that of the transformed multiple processes.  ... 
doi:10.1007/s11416-011-0157-5 fatcat:v6jjw3chrbgyhegkwyskmuozjq

Unsupervised Anomaly-Based Malware Detection Using Hardware Features [chapter]

Adrian Tang, Simha Sethumadhavan, Salvatore J. Stolfo
2014 Lecture Notes in Computer Science  
Recent works have shown promise in detecting malware programs based on their dynamic microarchitectural execution patterns.  ...  These data can be collected at low overheads using widely available hardware performance counters (HPC) in modern processors.  ...  Opinions, findings, conclusions and recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the US Government or commercial entities.  ... 
doi:10.1007/978-3-319-11379-1_6 fatcat:67z7oo2r5rge7b63tvkmdfmnym

Botnet Detection on the Analysis of Zeus Panda Financial Botnet

2019 International Journal of Engineering and Advanced Technology  
As opposed to DDoS and spam malware, the stealthy idea of monetary botnets requires new methods and modern research with a specific end goal to detect, analyze and even to receive them down.  ...  The system demonstrated powerful when trialed against various samples of the notable malware Zeus panda and was confirmed further by analysis controlled with the financially. The proposed framework depends  ...  According the researchers, the Zeus financial Trojan was progressive in a few regards: • It was the initial malware to perform web injections. • It fabricated one of the greatest botnets ever, with a bank  ... 
doi:10.35940/ijeat.f7941.088619 fatcat:h2z7tz2a5rbk7ibkbgszfrxah4

Deep Neural Network and Transfer Learning for Accurate Hardware-Based Zero-Day Malware Detection

Zhangying He, Amin Rezaei, Houman Homayoun, Hossein Sayadi
2022 Proceedings of the Great Lakes Symposium on VLSI 2022  
HMD techniques apply standard Machine Learning (ML) algorithms to the processors' low-level events collected from Hardware Performance Counter (HPC) registers.  ...  However, despite obtaining promising results for detecting known malware, the challenge of accurate zero-day (unknown) malware detection has remained an unresolved problem in existing HPC-based countermeasures  ...  detecting the unknown malware patterns with a high detection performance and low false positive rate.  ... 
doi:10.1145/3526241.3530326 fatcat:iwkqadkqnbb2ddiw2dpumxdbgm

Adversarial Deep Learning for Robust Detection of Binary Encoded Malware

Abdullah Al-Dujaili, Alex Huang, Erik Hemberg, Una-May O'Reilly
2018 2018 IEEE Security and Privacy Workshops (SPW)  
We evaluate the effectiveness of the methods and others in the literature on a set of Portable Execution (PE) files.  ...  Malware is constantly adapting in order to avoid detection.  ...  ACKNOWLEDGMENT This work was supported by the MIT-IBM Watson AI Lab and CSAIL CyberSecurity Initiative.  ... 
doi:10.1109/spw.2018.00020 dblp:conf/sp/Al-DujailiHHO18 fatcat:wf6ptin53bcyrkfwkxgjzur7cy

ML-based IoT Malware Detection Under Adversarial Settings: A Systematic Evaluation [article]

Ahmed Abusnaina, Afsah Anwar, Sultan Alshamrani, Abdulrahman Alabduljabbar, RhongHo Jang, Daehun Nyang, David Mohaisen
2021 arXiv   pre-print
This continuous trend motivates the large body of literature on malware analysis and detection research, with many systems emerging constantly, and outperforming their predecessors.  ...  The rapid growth of the Internet of Things (IoT) devices is paralleled by them being on the front-line of malicious attacks.  ...  Malware Detection Prior works have shown the potential and feasibility of ML to detect malware with more than 99% accuracy [7] , [12] - [17] .  ... 
arXiv:2108.13373v1 fatcat:zz3haicdb5faxoxaq2h2hh6gmu