I don’t even know what I think about this. Researchers have developed a malware detection system that uses EM waves: “Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification.”
Abstract: The Internet of Things (IoT) is constituted of devices that are exponentially growing in number and in complexity. They use numerous customized firmware and hardware, without taking into consideration security issues, which make them a target for cybercriminals, especially malware authors.
We will present a novel approach of using side channel information to identify the kinds of threats that are targeting the device. Using our approach, a malware analyst is able to obtain precise knowledge about malware type and identity, even in the presence of obfuscation techniques which may prevent static or symbolic binary analysis. We recorded 100,000 measurement traces from an IoT device infected by various in-the-wild malware samples and realistic benign activity. Our method does not require any modification on the target device. Thus, it can be deployed independently from the resources available without any overhead. Moreover, our approach has the advantage that it can hardly be detected and evaded by the malware authors. In our experiments, we were able to predict three generic malware types (and one benign class) with an accuracy of 99.82%. Even more, our results show that we are able to classify altered malware samples with unseen obfuscation techniques during the training phase, and to determine what kind of obfuscations were applied to the binary, which makes our approach particularly useful for malware analysts.
This seems impossible. It’s research, not a commercial product. But it’s fascinating if true.
More Stories
Indian Fishermen Are Catching Less Squid
Fishermen in Tamil Nadu are reporting smaller catches of squid. Blog moderation policy. Read More
More on My AI and Democracy Book
In July, I wrote about my new book project on AI and democracy, to be published by MIT Press in...
NHS England Warns of Critical Veeam Vulnerability Under Active Exploitation
NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially...
US Border Agency Under Fire for App’s Handling of Personal Data
Access Now announced that the US Customs and Border Protection agency released records on its app following the NGO’s lawsuit...
IronNet Has Shut Down
After retiring in 2014 from an uncharacteristically long tenure running the NSA (and US CyberCommand), Keith Alexander founded a cybersecurity...
Sonatype Reports 156% Increase in OSS Malicious Packages
A new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019,...