[Back]

M. Wahab, J. Milosevic, F. Regazzoni, A. Ferrante:
"Power & performance optimized hardware classifiers for efficient on-device malware detection";
Talk: Sixth Workshop on Cryptography and Security in Computing Systems, Valencia, Spain; 01-21-2019; in: "Proceedings of the Sixth Workshop on Cryptography and Security in Computing Systems", ACM, New York (2019), ISBN: 978-1-4503-6182-8; 23 - 26.

Dynamic malware detection methods are able to detect the presence of malware at run-time, while malicious payloads are being executed. These methods are valuable tools in detection and protection from ever-increasing malicious threats, in particular, dynamic code loading and execution of previously-encrypted payloads, which are both scenarios where commonly used static analysis cannot provide reliable detection. However, in order to detect the execution of malware in its early stage, these approaches need to be run directly on devices, which are typically battery-powered. In order to improve the battery runtime of these devices, malware detectors (and so the classifiers on which they are based) need to be implemented in a low power fashion. This work presents HLS-generated versions of three classifiers commonly used for dynamic malware detection: Logistic Regression, Naive Bayes and Support Vector Machines. These classifiers are first optimized for power and then optimization directives are added to improve performance. The results show that the hardware classifiers decrease the power consumption up to 33 times with respect to their software counterparts, while providing the same accuracy.

Malware detection, Android OS, classification, FPGA, Zynq

http://dx.doi.org/10.1145/3304080.3304085