Security News > 2022 > January > Using EM Waves to Detect Malware

Researchers have developed a malware detection system that uses EM waves: "Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification."

They use numerous customized firmware and hardware, without taking into consideration security issues, which make them a target for cybercriminals, especially malware authors.

Using our approach, a malware analyst is able to obtain precise knowledge about malware type and identity, even in the presence of obfuscation techniques which may prevent static or symbolic binary analysis.

We recorded 100,000 measurement traces from an IoT device infected by various in-the-wild malware samples and realistic benign activity.

Thus, it can be deployed independently from the resources available without any overhead. Moreover, our approach has the advantage that it can hardly be detected and evaded by the malware authors.

In our experiments, we were able to predict three generic malware types with an accuracy of 99.82%. Even more, our results show that we are able to classify altered malware samples with unseen obfuscation techniques during the training phase, and to determine what kind of obfuscations were applied to the binary, which makes our approach particularly useful for malware analysts.

News URL

https://www.schneier.com/blog/archives/2022/01/using-em-waves-to-detect-malware.html