Researchers from North Carolina State University and the University of Texas at Austin have developed a technique for detecting types of malware that use a system’s architecture to thwart traditional security measures. The new detection approach works by tracking power fluctuations in embedded systems.
“Embedded systems are basically any computer that doesn’t have a physical keyboard – from smartphones to Internet of Things devices,” says Aydin Aysu, co-author of a paper on the work and an assistant professor of electrical and computer engineering at NC State. “Embedded systems are used in everything from the voice-activated virtual assistants in our homes to industrial control systems like those used in power plants. And malware that targets those systems can be used to seize control of these systems or to steal information.”
At issue are so-called micro-architectural attacks. This form of malware makes use of a system’s architectural design, effectively hijacking the hardware in a way that gives outside users control of the system and access to its data. Spectre and Meltdown are high-profile examples of micro-architectural malware.
“The nature of micro-architectural attacks makes them very difficult to detect – but we have found a way to detect them,” Aysu says. “We have a good idea of what power consumption looks like when embedded systems are operating normally. By looking for anomalies in power consumption, we can tell that there is malware in a system – even if we can’t identify the malware directly.”
The power-monitoring solution can be incorporated into smart batteries for use with new embedded systems technologies. New “plug and play” hardware would be needed to apply the detection tool with existing embedded systems.
There is one other limitation: the new detection technique relies on an embedded system’s power reporting. In lab testing, researchers found that – in some instances – the power monitoring detection tool could be fooled if the malware modifies its activity to mimic “normal” power usage patterns.
“However, even in these instances our technique provides an advantage,” Aysu says. “We found that the effort required to mimic normal power consumption and evade detection forced malware to slow down its data transfer rate by between 86 and 97 percent. In short, our approach can still reduce the effects of malware, even in those few instances where the malware is not detected.
“This paper demonstrates a proof of concept. We think it offers an exciting new approach for addressing a widespread security challenge.”
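A minimal sketch of the baseline-and-anomaly idea and of the evasion trade-off described above, added here as an illustration; it is not the researchers' detector or code from the paper. The power samples, the 40 mW extra draw, the k-sigma window rule, and the linear load model are all constructed assumptions and do not reproduce the paper's measurements.

```python
import statistics

# Constructed power samples (milliwatts) from a device running its normal workload.
NORMAL_MW = [500, 504, 498, 502, 497, 503, 499, 501, 496, 500, 505, 495]

def fit_baseline(samples):
    """Mean and standard deviation of known-good power samples."""
    return statistics.mean(samples), statistics.pstdev(samples)

def alarm_limit(baseline, window, k):
    """Largest deviation of a window mean from baseline that is not flagged.
    Assumes independent samples, so the window mean's spread is sigma/sqrt(window)."""
    _, sigma = baseline
    return k * sigma / window ** 0.5

def detect(trace, baseline, window=8, k=3.0):
    """Return indices of non-overlapping windows whose mean power is anomalous."""
    mu, _ = baseline
    limit = alarm_limit(baseline, window, k)
    flagged = []
    for n, start in enumerate(range(0, len(trace) - window + 1, window)):
        mean = statistics.mean(trace[start:start + window])
        if abs(mean - mu) > limit:
            flagged.append(n)
    return flagged

def with_extra_load(trace, extra_mw, rate):
    """Model a hidden workload: its extra draw scales linearly with its activity rate."""
    return [p + extra_mw * rate for p in trace]

def evasive_rate_ceiling(baseline, extra_mw, window=8, k=3.0):
    """Approximate activity rate above which the hidden workload trips the alarm
    (ignores the noise already present in each window)."""
    return min(1.0, alarm_limit(baseline, window, k) / extra_mw)

if __name__ == "__main__":
    base = fit_baseline(NORMAL_MW)
    clean = NORMAL_MW * 2  # 24 samples, 3 windows
    print("clean trace:", detect(clean, base))
    print("full-rate load:", detect(with_extra_load(clean, 40, 1.0), base))
    print("throttled load:", detect(with_extra_load(clean, 40, 0.05), base))
    print("rate ceiling:", round(evasive_rate_ceiling(base, 40), 3))
```

Tightening the threshold or lengthening the window lowers the rate ceiling, which is the defender's lever: a workload that stays under the alarm has to run at a small fraction of its normal rate.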