Antivirus software often relies on a combination of machine learning algorithms and frequently updated malware definitions to protect our computers from external threats. However, no antivirus software is perfect, and it occasionally misses updated or heavily disguised threats. That’s why researchers at the Institute for Computer Science and Stochastic Systems are exploring new ways to detect malicious programs that don’t rely on software solutions at all.
Instead, the four-member team is using electromagnetic pulses to detect harmful software, even if the target is obfuscated. Their method is unorthodox, to say the least, but also fairly accurate based on their initial tests.
The technology developed by the team uses a Raspberry Pi to connect infected or potentially infected devices. The Pi interfaces with an H-field probe and an oscilloscope: the former detects the magnetic waves emitted by the device, and the latter visualizes them for malware analysts to review.
According to the researchers, different kinds of malware emit specific electromagnetic waves. Since everything seems to emit such waves these days, it’s not enough to just set up the system and analyze the output of the oscilloscope. Pi-based malware detectors must be trained on a variety of threats to improve their detection accuracy and eradicate false positives.
In the researchers’ experiments, the Pi was able to predict three “generic malware types” and one “benign” category (harmless malware that’s probably more annoying than anything) with about 99.82 percent accuracy. The team noted that it doesn’t matter what obfuscation techniques the software in question might use on the software side, because their devices don’t rely on software; they work at a higher level.
Complete News Source : TECHSPOT