The system uses the Pi, an H-field probe and an o-scope to detect electromagnetic wave signatures from multiple virus types. (Image credit: Institute of Computer Science and Random Systems)
Researchers from the Institute of Computer Science and Random Systems have developed a novel approach to detecting malware on IoT devices without using software. Instead, they designed a Raspberry Pi-based platform that uses an H-field probe and an oscilloscope to detect the electromagnetic wave signatures emitted by different virus types.
The idea behind the design is that running software generates electromagnetic waves, and each piece of software produces its own wave pattern through the way it executes its code. The researchers took advantage of this by using an H-field probe to capture the wave patterns of known computer viruses running on several different platforms and viewing the results on an oscilloscope. They discerned patterns unique to the individual viruses as they executed and used that data to program a Raspberry Pi to recognize the same wave patterns in data captured from other devices.
To determine if a virus is running on a computer, IoT device or smartphone, a user places the H-field probe close enough to the device to read the electromagnetic waves that it’s generating. The Raspberry Pi then reports on whether it found any viruses, and if so, which types. Testing found the system is capable of detecting 99.82% of generic malware and benign virus types. What’s more, it’s not susceptible to obfuscation techniques that mask the virus to keep it from being detected, which makes the Pi system ideal for malware analysts.
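The capture-then-match workflow described above can be sketched in a few lines. This is an added example, not the researchers' code: the article does not say which features or classifier they use, so the spectral fingerprint, the cosine-similarity match, the `min_score` threshold and the synthetic traces and labels here are all assumptions.

```python
import cmath
import math
import random

N = 128  # samples per capture (constructed; a real oscilloscope capture is far longer)

def synth_trace(freqs, seed, noise=0.5):
    """Constructed stand-in for one probe capture: tones at `freqs` plus Gaussian noise."""
    rng = random.Random(seed)
    return [sum(math.sin(2 * math.pi * f * t / N) for f in freqs) + rng.gauss(0, noise)
            for t in range(N)]

def spectrum(trace):
    """Unit-length magnitude spectrum (plain DFT, bins 1..N/2-1)."""
    n = len(trace)
    mags = [abs(sum(x * cmath.exp(-2j * math.pi * k * t / n) for t, x in enumerate(trace)))
            for k in range(1, n // 2)]
    norm = math.sqrt(sum(m * m for m in mags)) or 1.0
    return [m / norm for m in mags]

def build_signatures(labelled):
    """Average the spectra of the reference captures recorded for each label."""
    sigs = {}
    for label, traces in labelled.items():
        specs = [spectrum(t) for t in traces]
        mean = [sum(col) / len(specs) for col in zip(*specs)]
        norm = math.sqrt(sum(m * m for m in mean))
        sigs[label] = [m / norm for m in mean]
    return sigs

def classify(trace, sigs, min_score=0.8):
    """Return (label, cosine similarity); 'unknown' if nothing matches well enough."""
    spec = spectrum(trace)
    label, score = max(((name, sum(a * b for a, b in zip(spec, s))) for name, s in sigs.items()),
                       key=lambda p: p[1])
    return (label if score >= min_score else "unknown"), score

# Constructed workloads: each label is just a set of dominant frequency bins.
WORKLOADS = {"benign": [5, 12], "sample_a": [9, 30, 41], "sample_b": [17, 23]}
SIGNATURES = build_signatures(
    {name: [synth_trace(f, seed) for seed in range(5)] for name, f in WORKLOADS.items()})

if __name__ == "__main__":
    for name, f in WORKLOADS.items():
        print(name, "->", classify(synth_trace(f, seed=99), SIGNATURES))
    print("unseen ->", classify(synth_trace([50, 55, 60], seed=99), SIGNATURES))
```

The `unknown` result matters in practice: a trace that resembles none of the recorded signatures should be flagged for review rather than forced into the nearest label.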