Analyzing Hardware Based Malware Detectors Using Machine Learning Techniques

Authors

Randive, Onkar

Abstract

The growth of malware has been a serious problem in the technology community and will continue with new advances in technology. Traditional software-based malware detection systems have proved to be inadequate. Behavioral malware detection systems have proved to be an improvement but are limited because they are resource intensive and still prone to exploitation. Hardware-based malware detection has proved to be an effective way to reduce the exploitability of computer systems, because it offers less visibility and access for exploitation. This work shows the results of using different machine learning classifiers for hardware-based malware detection. Further, it analyzes the hardware implementation of these machine learning classifiers on an FPGA by discussing their latency and area requirements. It is proposed that classifiers with fewer or a limited number of features be used for reduced system overhead, especially in resource-constrained environments like real-time systems or embedded systems. Hence, the number of features fed to the classifier is reduced by using a feature selection technique called Principal Component Analysis (PCA). Simple ML classifiers like JRIP and OneR prove to be more efficient than complex ML classifiers like neural networks. The results for multiclass classification using multinomial logistic regression, multilayer perceptron and support vector machines show that PCA-assisted multiclass classifiers prove to be 7% more efficient than regular multiclass classifiers. Further, the limitations of the above work are discussed by explaining solutions that lead to future work on this topic.

Keywords

Hardware performance counters, Machine learning, Malware detection, Malware classification
