Using Side Channel Information and Artificial Intelligence for Malware Detection

TL;DR

This paper explores how side channel information, combined with artificial intelligence, can be used to detect malware on computing platforms without needing access to the code itself.

Contribution

It introduces a novel approach leveraging hardware side channel data and AI techniques for malware detection, expanding cybersecurity tools beyond traditional methods.

Findings

Side channel data can reveal malware presence.

AI models effectively classify malicious activity.

Method does not require code access.

Abstract

Cybersecurity continues to be a difficult issue for society especially as the number of networked systems grows. Techniques to protect these systems range from rules-based to artificial intelligence-based intrusion detection systems and anti-virus tools. These systems rely upon the information contained in the network packets and download executables to function. Side channel information leaked from hardware has been shown to reveal secret information in systems such as encryption keys. This work demonstrates that side channel information can be used to detect malware running on a computing platform without access to the code involved.