A survey on hardware-based malware detection approaches
- URL: http://arxiv.org/abs/2303.12525v2
- Date: Thu, 18 Apr 2024 08:27:28 GMT
- Title: A survey on hardware-based malware detection approaches
- Authors: Cristiano Pegoraro Chenet, Alessandro Savino, Stefano Di Carlo,
- Abstract summary: Hardware-based malware detection approaches leverage hardware performance counters and machine learning prowess.
We meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours.
The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
- Score: 45.24207460381396
- License: http://creativecommons.org/licenses/by-nc-sa/4.0/
- Abstract: This paper delves into the dynamic landscape of computer security, where malware poses a paramount threat. Our focus is a riveting exploration of the recent and promising hardware-based malware detection approaches. Leveraging hardware performance counters and machine learning prowess, hardware-based malware detection approaches bring forth compelling advantages such as real-time detection, resilience to code variations, minimal performance overhead, protection disablement fortitude, and cost-effectiveness. Navigating through a generic hardware-based detection framework, we meticulously analyze the approach, unraveling the most common methods, algorithms, tools, and datasets that shape its contours. This survey is not only a resource for seasoned experts but also an inviting starting point for those venturing into the field of malware detection. However, challenges emerge in detecting malware based on hardware events. We struggle with the imperative of accuracy improvements and strategies to address the remaining classification errors. The discussion extends to crafting mixed hardware and software approaches for collaborative efficacy, essential enhancements in hardware monitoring units, and a better understanding of the correlation between hardware events and malware applications.
Related papers
- Obfuscated Malware Detection: Investigating Real-world Scenarios through Memory Analysis [0.0]
We propose a simple and cost-effective obfuscated malware detection system through memory dump analysis.
The study focuses on the CIC-MalMem-2022 dataset, designed to simulate real-world scenarios.
We evaluate the effectiveness of machine learning algorithms, such as decision trees, ensemble methods, and neural networks, in detecting obfuscated malware within memory dumps.
arXiv Detail & Related papers (2024-04-03T00:13:23Z) - The Emergence of Hardware Fuzzing: A Critical Review of its Significance [0.4943822978887544]
Hardware fuzzing, inspired by software testing methodologies, has gained prominence for its efficacy in identifying bugs within complex hardware designs.
Despite the introduction of various hardware fuzzing techniques, obstacles such as inefficient conversion of hardware modules into software models impede their effectiveness.
This work examines the reliability of existing hardware fuzzing techniques in identifying vulnerabilities and identifies research gaps for future advancements in design verification techniques.
arXiv Detail & Related papers (2024-03-19T15:12:11Z) - Discovering Malicious Signatures in Software from Structural
Interactions [7.06449725392051]
We propose a novel malware detection approach that leverages deep learning, mathematical techniques, and network science.
Our approach focuses on static and dynamic analysis and utilizes the Low-Level Virtual Machine (LLVM) to profile applications within a complex network.
Our approach marks a substantial improvement in malware detection, providing a notably more accurate and efficient solution.
arXiv Detail & Related papers (2023-12-19T23:42:20Z) - On The Fairness Impacts of Hardware Selection in Machine Learning [50.03224106965757]
This paper investigates the influence of hardware on the delicate balance between model performance and fairness.
We demonstrate that hardware choices can exacerbate existing disparities, attributing these discrepancies to variations in gradient flows and loss surfaces across different demographic groups.
arXiv Detail & Related papers (2023-12-06T20:24:17Z) - Harnessing the Speed and Accuracy of Machine Learning to Advance Cybersecurity [0.0]
Traditional signature-based methods of malware detection have limitations in detecting complex threats.
In recent years, machine learning has emerged as a promising solution to detect malware effectively.
ML algorithms are capable of analyzing large datasets and identifying patterns that are difficult for humans to identify.
arXiv Detail & Related papers (2023-02-24T02:42:38Z) - Towards a Fair Comparison and Realistic Design and Evaluation Framework
of Android Malware Detectors [63.75363908696257]
We analyze 10 influential research works on Android malware detection using a common evaluation framework.
We identify five factors that, if not taken into account when creating datasets and designing detectors, significantly affect the trained ML models.
We conclude that the studied ML-based detectors have been evaluated optimistically, which justifies the good published results.
arXiv Detail & Related papers (2022-05-25T08:28:08Z) - Mate! Are You Really Aware? An Explainability-Guided Testing Framework
for Robustness of Malware Detectors [49.34155921877441]
We propose an explainability-guided and model-agnostic testing framework for robustness of malware detectors.
We then use this framework to test several state-of-the-art malware detectors' abilities to detect manipulated malware.
Our findings shed light on the limitations of current malware detectors, as well as how they can be improved.
arXiv Detail & Related papers (2021-11-19T08:02:38Z) - ML-based IoT Malware Detection Under Adversarial Settings: A Systematic
Evaluation [9.143713488498513]
This work systematically examines the state-of-the-art malware detection approaches, that utilize various representation and learning techniques.
We show that software mutations with functionality-preserving operations, such as stripping and padding, significantly deteriorate the accuracy of such detectors.
arXiv Detail & Related papers (2021-08-30T16:54:07Z) - Increasing the Confidence of Deep Neural Networks by Coverage Analysis [71.57324258813674]
This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model against different unsafe inputs.
Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs.
arXiv Detail & Related papers (2021-01-28T16:38:26Z) - Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance.
We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems.
We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
arXiv Detail & Related papers (2020-10-19T13:09:31Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.