The world’s largest companies are grappling with increasingly widespread and sophisticated malware attacks, but an interesting new malware detection technique could help companies thwart these threats without needing any software.
A team of researchers at France’s Research Institute of Computer Science and Random Systems created an anti-malware system centered around a Raspberry Pi that scans devices for electromagnetic waves. As reported by Tom’s Hardware, the security device uses an oscilloscope (Picoscope 6407) and H-Field probe connected to a Raspberry Pi 2B to pick up abnormalities in specific electromagnetic waves emitted by computers that are under attack, a technique the researchers say is used to “obtain precise knowledge about malware type and identity.”
The detection system then relies on Convolutional Neural Networks (CNNs) to determine whether the data gathered indicates the presence of a threat. Using this technique, the researchers claim they could record 100,000 measurement traces from IoT devices infected by genuine malware samples, and predicted three generic malware classes and one benign class with an accuracy as high as 99.82%.
Best of all, no software is needed and the device you’re scanning doesn’t need to be manipulated in any way. As such, bad actors won’t be successful with their attempts to conceal malicious code from malware detection software using obfuscation techniques.
“Our method does not require any modification on the target device. Thus, it can be deployed independently from the resources available without any overhead. Moreover, our approach has the advantage that it can hardly be detected and evaded by the malware authors,” researchers wrote in the paper.
Keep in mind that this system was made for research purposes, not to be released as a commercial product, though it may inspire security teams to look into novel ways of using EM waves to detect malware. The research is currently in its early stages and the neural network will need to be further trained before it could have any practical uses.
For now, the system is a unique approach to securing devices by making it difficult for malware writers to hide their code, but the tech is nowhere near being available to the public.
And while this might sound promising as a low-cost method for detecting malware given the use of a Raspberry Pi, the other EM wave-scanning equipment costs several thousand dollars. Despite its limitations, it’s encouraging to see research approach such an important issue from a unique angle—who knows, this simple setup could one day help prevent the next major breach.