I don’t even know what I think about this. Researchers have developed a malware detection system that uses EM waves: “Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification.”
Abstract: The Internet of Things (IoT) is constituted of devices that are exponentially growing in number and in complexity. They use numerous customized firmware and hardware, without taking into consideration security issues, which make them a target for cybercriminals, especially malware authors.
We will present a novel approach of using side channel information to identify the kinds of threats that are targeting the device. Using our approach, a malware analyst is able to obtain precise knowledge about malware type and identity, even in the presence of obfuscation techniques which may prevent static or symbolic binary analysis. We recorded 100,000 measurement traces from an IoT device infected by various in-the-wild malware samples and realistic benign activity. Our method does not require any modification on the target device. Thus, it can be deployed independently from the resources available without any overhead. Moreover, our approach has the advantage that it can hardly be detected and evaded by the malware authors. In our experiments, we were able to predict three generic malware types (and one benign class) with an accuracy of 99.82%. Even more, our results show that we are able to classify altered malware samples with unseen obfuscation techniques during the training phase, and to determine what kind of obfuscations were applied to the binary, which makes our approach particularly useful for malware analysts.
This seems impossible. It’s research, not a commercial product. But it’s fascinating if true.
More Stories
Lazarus Group Blamed for Atomic Wallet Heist
Notorious North Korean group pegged for recent campaign Read More
Cyber Extortionists Seek Out Fresh Victims in LatAm and Asia
Ukraine war may have been catalyst for targeting non-NATO countries Read More
Smashing Security podcast #325: Rick Astley and the little birdie scam
Australia's signal intelligence agency calls upon an Eighties popstar to fight terrorism, and a simple act of kindness leads to...
Clop extortion gang gives MOVEit exploit victims one week to reach out
The threat group behind the Clop ransomware took credit for the recent attacks exploiting a zero-day SQL injection vulnerability in...
Network Perception wants to give more visibility into IoT
The latest version of Network Perception’s NP-View platform, which is designed to provide deep insights into industrial and other operational...
Now TikTok is even banned from US govt contractors’ personal smartphones
TikTok is making headlines again, and - as usual - it's not for a good reason. Read more in my...