HARDY: Hardware based Analysis for malwaRe Detection in embedded sYstems

S. Kadiyala, Mohit Garg, Manaar Alam, H. Ngo, Debdeep Mukhopadhyay, T. Srikanthan
2020 IEEE 33rd International System-on-Chip Conference (SOCC). Published 2020-09-08. DOI: https://doi.org/10.1109/socc49529.2020.9524727

Abstract

The increase in the number of interconnected embedded systems has created a need for mechanisms that can detect malicious exploits in a lightweight yet speed-efficient fashion. Recent approaches that addressed this challenge focused on utilizing either high-level or low-level features along with machine learning algorithms to analyze the behavior of unknown programs. However, the high-level mechanisms are less tamper resistant, and the low-level approaches result in high false positives. Moreover, these approaches often consume high computational and storage resources, which makes them less suitable for embedded systems. In this paper, we present a custom hardware realization of a lightweight malware analysis approach. This approach analyzes an unknown program using a judicious combination of high-level and low-level features along with some statistical methods. We achieve an average 3.06x reduction in power consumption and an average 2.52x improvement in detection speed compared to existing hardware-based malware detection techniques, and a speedup of 1.8x compared to its software-based realization.