{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T10:03:15Z","timestamp":1725530595240},"reference-count":0,"publisher":"EasyChair","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"abstract":"<jats:p>Malware detection is still one of the difficult problems in computer security because of the occurrence of newer varieties of malware programs. There has been an enormous effort in developing a generalised solution to this problem, but a little has been done considering the security of resource constraint embedded devices. In this paper, we at- tempt to develop a lightweight malware detection tool designed specifically for embedded platforms using micro-architectural side-channel information obtained through Hardware Performance Counters (HPCs). The methodology aims to develop a distance metric, called \u03bb, for a given program from a benign set of programs which are expected to execute in the embedded environment. The distance metric is decided based on observations from carefully chosen features, which are tuples of high-level system calls along with low-level HPC events. An ideal \u03bb-value for a malicious program is 1, as opposed to 0 for a benign program. However, in reality, the efficacy of \u03bb to classify a malware largely depends on the proper assignment of weights to the features. We employ a gradient-descent based learning mechanism to determine optimal choices for these weights. We justify through experimental results on an embedded Linux running on an ARM processor that such a side-channel based learning mechanism improves the classification accuracy significantly compared to an ad-hoc selection of the weights, and leads to significantly low false positives and false negatives in all our test cases.<\/jats:p>","DOI":"10.29007\/5sdj","type":"proceedings-article","created":{"date-parts":[[2018,9,10]],"date-time":"2018-09-10T23:44:02Z","timestamp":1536623042000},"page":"1--15","source":"Crossref","is-referenced-by-count":0,"title":["Side-Channel Assisted Malware Classifier with Gradient Descent Correction for Embedded Platforms"],"prefix":"10.29007","volume":"7","author":[{"given":"Manaar","family":"Alam","sequence":"first","affiliation":[]},{"given":"Debdeep","family":"Mukhopadhyay","sequence":"additional","affiliation":[]},{"given":"Sai Praveen","family":"Kadiyala","sequence":"additional","affiliation":[]},{"given":"Siew Kei","family":"Lam","sequence":"additional","affiliation":[]},{"given":"Thambipillai","family":"Srikanthan","sequence":"additional","affiliation":[]}],"member":"11545","event":{"name":"PROOFS 2018. 7th International Workshop on Security Proofs for Embedded Systems"},"container-title":["Kalpa Publications in Computing"],"original-title":[],"deposited":{"date-parts":[[2018,9,10]],"date-time":"2018-09-10T23:44:05Z","timestamp":1536623045000},"score":1,"resource":{"primary":{"URL":"https:\/\/easychair.org\/publications\/paper\/Fhjh"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"references-count":0,"URL":"https:\/\/doi.org\/10.29007\/5sdj","relation":{},"ISSN":["2515-1762"],"issn-type":[{"type":"print","value":"2515-1762"}],"subject":[]}}