2021
DOI: 10.3390/cryptography5040028

Towards Accurate Run-Time Hardware-Assisted Stealthy Malware Detection: A Lightweight, yet Effective Time Series CNN-Based Approach

Abstract: According to recent security analysis reports, malicious software (a.k.a. malware) is rising at an alarming rate in numbers, complexity, and harmful purposes to compromise the security of modern computer systems. Recently, malware detection based on low-level hardware features (e.g., Hardware Performance Counters (HPCs) information) has emerged as an effective alternative solution to address the complexity and performance overheads of traditional software-based detection methods. Hardware-assisted Malware Dete…

Cited by 19 publications (7 citation statements)
References 62 publications

“…Even though these works could be used for profiling EV charging sessions and to some extent, EV user behaviours, they however unlike our work, are not cybersecurity focused and hence cannot be used for detecting security attacks launched against the EVSE. Another associated area of study explores the application of hardware events for cybersecurity solutions, including device behavioral fingerprinting for anomaly detection [39,30,47] and malware classification [31,41,1]. However, the datasets used for most of these works are unavailable for further experiments and validation.…”
Section: Related Work (mentioning)
confidence: 99%
“…They are valued for simplicity and practical application success, focusing on the relevancy of features. Prominent methods include Principal Component Analysis (PCA) (used by [47], [53], [79], [80]), Fisher Score [81] (used by [34], [51]), Pearson Correlation Coefficient [82] (used by [46]- [48], [79], [80]) and Information Gain (Mutual Information) [83] (used by [84], [85]). The Scikit-learn [86] library for the Python and Weka [87] are tools frequently used in the HMD field for FS.…”
Section: B Hardware-based Detection Framework (mentioning)
confidence: 99%
“…While CNNs are widely acknowledged for their proficiency in image processing, their utility extends beyond this domain. They are also capable of handling time series classification, thus demonstrating their versatility in handling different types of data [44,45]. CNNs can handle sequential data by treating it as a one-dimensional "image" and applying convolutional filters to extract local and global patterns, which can often be beneficial in time series analysis.…”
Section: CNNs For Classification (mentioning)
confidence: 99%