Scientists Working On CPU That Can Detect Malware At Hardware Level


  1. Posts : 258
    Windows 10
       #1

    Scientists Working On CPU That Can Detect Malware At Hardware Level


    Source: http://www.bleepingcomputer.com/news/security/scientists-working-on-a-cpu-that-can-detect-malware-at-the-hardware-level/

    Researchers are working on a new CPU chip design that will extend the fight against malware at the hardware level in an attempt to bolster computers, mobiles, and other devices against the rising wave of security threats.


    The work is being carried out by two teams of researchers from the Binghamton University and the University of California-Riverside.

    The project is named "Practical Hardware-Assisted Always-On Malware Detection" and will be funded through a three-year research grant of $275,000 the teams received from the National Science Foundation.

    New chip design to detect process anomalies inside the CPU
    The principle at the base of this research is to modify a CPU chip to include extra logic to detect anomalies in running processes. Once something out of order is detected, the CPU will alert local security software that something is wrong. The local security software will have the final decision on what to do with the detected anomaly.

    Researchers are sceptic that the modified CPU will pick up all threats, but they view their project as an extra layer of defense they can add to CPUs, and not as a standalone security system.

    Scientists say that the CPU will use low complexity machine learning algorithms to classify malware from normal processes.

    "The detector is, essentially, like a canary in a coal mine to warn software programs when there is a problem," said Dmitry Ponomarev, professor of computer science at Binghamton University, State University of New York.

    "The hardware detector is fast, but is less flexible and comprehensive. The hardware detector’s role is to find suspicious behavior and better direct the efforts of the software," Prof. Ponomarev also added.

    Previous work on this topic
    The work of Prof. Ponomarev and his team is not unique. In 2014, a team of three researchers from the Columbia University in New York, have also explored the subject in their paper titled "Unsupervised Anomaly-based Malware Detection using Hardware Features."

    In their work, the Columbia team used a similar system to the one proposed by the Binghamton and California-Riverside researchers. The Columbia team used unsupervised machine learning to build profiles of normal program execution based on data from performance counters and used these profiles to detect significant deviations in program behavior that occurred as a result of malware exploitation attempts.

    Similar work has been carried out by Intel and researchers from Clarkson University. The work of the Binghamton researcher team, on which this project is based, is detailed in research papers titled "Hardware-based Malware Detection using Low-level Architectural Features" and "Ensemble Learning for Low-level Hardware-supported Malware Detection."

    In recent months, news about CPUs and security involved researchers bypassing ASLR protections on Intel Haswell CPUs or researchers finding hidden code (some would call it a backdoor) inside the architecture of Intel x86 processors. In fact, two of the researchers working on this project, were also on the team that discovered the Intel Haswell CPU ASLR bypass technique.
      My Computer


  2. Posts : 579
    Windows 10 Home
       #2

    Thanks, RubberDucky!

    Good news!!

    Hope they can pull it off.
      My Computer


  3. Posts : 2,935
    Windows 10 Home x64
       #3

    It sounds very difficult to achieve but I hope they succeed.
      My Computer


  4. Posts : 11,247
    Windows / Linux : Arch Linux
       #4

    Hi there

    Possibly a bit of a waste of money IMO -- what is actually "A threat" -- what happens if the hardware thinks something is bad but it's actually OK (there's enough trouble with current AV software with False positive warnings).

    Getting a grant for this type of stuff is like getting a grant of 100,000's of dollars to verify that people getting drunk at weekends in city centres are more likely to cause trouble than people staying at home !!!.

    Money IMO would be better spent on training USERS to use computers more sensibly and avoid obvious risks like opening email links from unknown senders, giving out too much data on social media or opening fake web sites purporting to be from Banks / Police / Tax authorities etc.

    I'm all for progress but this IMO as a 100% waste of money. Sounds like a typical Govt or public sector idea.

    Has reminders about US Federal Govt paying well over the odds for Toilet seats for the military and zillions of other similar projects. - Not only US federal Govt but almost any public sector contract worldwide !!!!.

    Cheers
    jimbo
      My Computer


  5. Posts : 2,935
    Windows 10 Home x64
       #5

    I think Jimbo is utterly right on this regard.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:12.
Find Us




Windows 10 Forums