Scientists Working On CPU That Can Detect Malware At Hardware Level

  1.    11 Nov 2016 #1

    Scientists Working On CPU That Can Detect Malware At Hardware Level


    Researchers are working on a new CPU chip design that will extend the fight against malware at the hardware level in an attempt to bolster computers, mobiles, and other devices against the rising wave of security threats.

    The work is being carried out by two teams of researchers from Binghamton University and the University of California-Riverside.

    The project is named "Practical Hardware-Assisted Always-On Malware Detection" and will be funded through a three-year research grant of $275,000 the teams received from the National Science Foundation.

    New chip design to detect process anomalies inside the CPU
    The principle at the base of this research is to modify a CPU chip to include extra logic to detect anomalies in running processes. Once something out of order is detected, the CPU will alert local security software that something is wrong. The local security software will have the final decision on what to do with the detected anomaly.

    Researchers are sceptical that the modified CPU will pick up all threats, but they view their project as an extra layer of defense they can add to CPUs, and not as a standalone security system.

    Scientists say that the CPU will use low complexity machine learning algorithms to classify malware from normal processes.

    "The detector is, essentially, like a canary in a coal mine to warn software programs when there is a problem," said Dmitry Ponomarev, professor of computer science at Binghamton University, State University of New York.

    "The hardware detector is fast, but is less flexible and comprehensive. The hardware detector’s role is to find suspicious behavior and better direct the efforts of the software," Prof. Ponomarev also added.

    Previous work on this topic
    The work of Prof. Ponomarev and his team is not unique. In 2014, a team of three researchers from Columbia University in New York also explored the subject in their paper titled "Unsupervised Anomaly-based Malware Detection using Hardware Features."

    In their work, the Columbia team used a similar system to the one proposed by the Binghamton and California-Riverside researchers. The Columbia team used unsupervised machine learning to build profiles of normal program execution based on data from performance counters and used these profiles to detect significant deviations in program behavior that occurred as a result of malware exploitation attempts.

    Similar work has been carried out by Intel and researchers from Clarkson University. The work of the Binghamton researcher team, on which this project is based, is detailed in research papers titled "Hardware-based Malware Detection using Low-level Architectural Features" and "Ensemble Learning for Low-level Hardware-supported Malware Detection."

    In recent months, news about CPUs and security involved researchers bypassing ASLR protections on Intel Haswell CPUs or researchers finding hidden code (some would call it a backdoor) inside the architecture of Intel x86 processors. In fact, two of the researchers working on this project were also on the team that discovered the Intel Haswell CPU ASLR bypass technique.
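    The two-stage idea described in the post above (a cheap always-on detector that flags deviations from a profile of normal counter behaviour, with software making the final call) can be sketched as follows. This is an added example, not code from the original post or from any of the research teams. The counter names, sample values, z-score test and persistence threshold are all assumptions chosen for illustration; the papers use their own classifiers.

```python
import statistics

# Constructed per-window counter samples (events per 10k instructions) for a
# hypothetical benign process: (branch_mispredicts, l1d_misses, indirect_calls).
NORMAL = [(52, 110, 8), (49, 118, 9), (55, 105, 7), (50, 112, 8),
          (47, 121, 10), (53, 108, 8), (51, 115, 9), (48, 117, 7)]

def build_profile(samples):
    """Unsupervised profile: per-counter mean and standard deviation."""
    cols = list(zip(*samples))
    return [(statistics.mean(c), statistics.stdev(c)) for c in cols]

def hw_flag(profile, window, z_limit=4.0):
    """Cheap 'hardware' stage: flag a window if any counter is far from the profile."""
    return any(abs(x - mu) / sd > z_limit for x, (mu, sd) in zip(window, profile))

def software_decision(profile, windows, persist=3):
    """'Software' stage: escalate only after `persist` consecutive flagged
    windows, so one noisy window does not become a false positive.
    Returns the index of the window that triggers escalation, or None."""
    run = 0
    for i, w in enumerate(windows):
        run = run + 1 if hw_flag(profile, w) else 0
        if run >= persist:
            return i
    return None

PROFILE = build_profile(NORMAL)

# Constructed traces: a benign run with a single noisy window, and a run with a
# sustained deviation in branch mispredictions and indirect calls.
BENIGN_TRACE = [(50, 113, 8), (90, 112, 8), (51, 116, 9), (49, 109, 8)]
DEVIANT_TRACE = [(50, 113, 8), (88, 120, 31), (92, 117, 35),
                 (95, 119, 33), (91, 122, 36)]

if __name__ == "__main__":
    print("benign escalation at:", software_decision(PROFILE, BENIGN_TRACE))
    print("deviant escalation at:", software_decision(PROFILE, DEVIANT_TRACE))
```

    Lowering `persist` makes the software stage react sooner at the cost of more false alarms from isolated noisy windows.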

  2.    11 Nov 2016 #2

    Thanks, RubberDucky!

    Good news!!

    Hope they can pull it off.

  3.    12 Nov 2016 #3

    It sounds very difficult to achieve but I hope they succeed.

  4.    13 Nov 2016 #4

    Hi there

    Possibly a bit of a waste of money IMO -- what is actually "A threat" -- what happens if the hardware thinks something is bad but it's actually OK (there's enough trouble with current AV software with False positive warnings).

    Getting a grant for this type of stuff is like getting a grant of 100,000's of dollars to verify that people getting drunk at weekends in city centres are more likely to cause trouble than people staying at home !!!.

    Money IMO would be better spent on training USERS to use computers more sensibly and avoid obvious risks like opening email links from unknown senders, giving out too much data on social media or opening fake web sites purporting to be from Banks / Police / Tax authorities etc.

    I'm all for progress but this IMO is a 100% waste of money. Sounds like a typical Govt or public sector idea.

    Has reminders about US Federal Govt paying well over the odds for Toilet seats for the military and zillions of other similar projects. - Not only US federal Govt but almost any public sector contract worldwide !!!!.


  5.    14 Nov 2016 #5

    I think Jimbo is utterly right in this regard.

