Malware Detection Using Electromagnetic Side-Channel Analysis

Abstract

Many physical systems control or monitor important applications without the capacity to monitor for malware using on-device resources. Thus, it becomes valuable to explore malware detection methods for these systems that use external or off-device resources. This research investigates the viability of employing electromagnetic side-channel analysis (EM SCA) to determine whether a performed operation is normal or malicious. A Raspberry Pi 3 was set up as a simulated motor controller with code paths for a normal and a malicious operation. While the normal path only calculated the motor speed before updating the motor, the malicious path added a line of code to modify the calculated speed. A script from a control terminal then sent a signal to the Pi to have it conduct either the normal or the malicious operation while an EM probe collected emission traces of those operations. These traces were split into training and testing data sets, with the training set used to train an SVC model. Afterwards, the model was run on the testing set and achieved 96% accuracy in classifying each trace as either normal or anomalous.

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2022
Accession Number
AD1166829

Entities

People

  • Matthew A. Bergstedt

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Autonomy
  • Cyber

DTIC Thesaurus Topics

  • Accuracy
  • Air Force
  • Anomaly Detection
  • Artificial Intelligence
  • Change Detection
  • Computational Science
  • Computer Programming
  • Computer Science
  • Computers
  • Control Systems
  • Detection
  • Information Science
  • Internet Of Things
  • Machine Learning
  • Network Science
  • Operating Systems
  • Statistical Analysis
  • Supervised Machine Learning
  • United States Government

Readers

  • Cybersecurity
  • Electrical Engineering
  • Neural Network Machine Learning

Technology Areas

  • Cyber
  • Cyber - Quantum