Detector IDs Bugs by Monitoring Power Use.

PositionMALWARE

Malware is evasive, intelligent, and sneaky No sooner than antivirus software is updated to combat the latest attacks, a computer virus already will have evolved into something harder to detect and potentially more damaging to a computer system.

Malware, though, is not without vulnerabilities. Engineers at the University of Texas, Austin, and North Carolina State University, Raleigh, have found an additional line of defense to detect threats that does not rely on the detection and protection provided by existing antivirus software programs. Their method detects the presence of malware in large-scale embedded computer systems by monitoring power usage and identifying unusual surges as signs of unwelcome security threats.

Malware frequently is designed to appear benign so that it can blend in with other applications on a computer system. However, a system's power usage cannot be manipulated, and the engineers realized this offered an opportunity to observe and identify power signatures that differ from known benign behavior, referred to as "power anomalies."

The new detection tool tracks power fluctuations specifically in embedded systems--from smartphones to industrial remote-control systems in power plants.

"We know what power consumption looks like when embedded systems are operating at normal levels," says Mohit Tiwari, assistant professor in the UT Department of Electrical and Computer Engineering. "By looking for power anomalies, we can tell with reasonable accuracy when malware is present in a system."

However, some malware is designed to conceal its presence by mirroring the power usage of benign programs. 'The real technical contribution of this work has been our ability to successfully model malware that conceals itself by mimicking the power signatures of benign...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT