Malware, a broad term for any type of malicious software, is a piece of code designed by cyber attackers to infect computing systems without the user consent, typically for harmful purposes such as stealing sensitive information. The ubiquity of information technology has made malware a serious threat. Detecting malware in a system is a difficult task, particularly when the malware is stealthy. Hardware-assisted malware detection (HMD) mechanisms seek runtime detection of malware. However, several challenges exist with deployment of HMD including limited availability of hardware registers, diversity of microarchitectural events, and difficulty of anomalous behavior detection for stealthy malware. Proposed research aims to find lightweight HMDs that are not too costly to implement and provide continuous runtime monitoring.
The core research agenda is development of lightweight malware detection mechanisms using low level microarchitectural behavior. Specifically, this project is interested in (i) developing effective machine-learning classifier against malware that are relatively inexpensive to implement; and (ii) development of tools and methods for evaluating effectiveness and robustness of various solution alternatives.
From a societal viewpoint, this work enhances the research, education, and diversity at University of California Davis (UCD) by involving graduate, undergraduate, minority and female students, and enriches several courses that are offered at UCD. The proposed research effort could inspire and enable new approaches to securing computer systems, in particular in emerging domains such as Internet-of-Things (IoT), where computational requirement is constrained. Research results will be integrated in graduate and undergraduate courses offered by the investigator.
The proposed solutions will be freely shared and broadly disseminated through public portals, https://ece.gmu.edu/~hhomayou/publications.html and GitHub: https://github.com/ASEEC/ML_classifier and https://github.com/ASEEC/HPC_Trace.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.