Researchers have discovered a way to check for malware on internet of things (IoT) devices with almost 100% accuracy using machine learning and a Raspberry Pi.
The method uses a signal probe that is passed over the device being tested, and it can tell whether that device is infected just by listening to the electromagnetic waves it gives off. The detector can then “obtain precise knowledge about malware type and identity” by using machine learning to classify the malware.
Brilliant but expensive
This seems like a pretty big deal to us. And better still, the team behind the invention have shared all the code you need to make your own malware detector on GitHub. But before you get too excited, the project is based around a PicoScope 6407, which is an expensive bit of kit. You’re looking at spending upwards of $10,000 to build your own.
The project also features an oscilloscope, a Langer PA-303 amplifier and RF-R H-Field, and a Raspberry Pi 2 Model B. The Raspberry Pi was used to train the device, and its GPIO also serves as the trigger signal when it’s in detecting mode.
Steps taken to train the model using benign and malware datasets can be found here.
Meet the malware-detecting research team
This project is the work of Duy-Phuc Pham, Damien Marion, Mathieu Mastio, and Annelie Heuser from the Research Institute of Computer Science and Random Systems (IRISA) in France. They presented this work at the 2021 Annual Computer Security Applications Conference (ACSAC) in December. You can read their full research paper, “Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification”, thanks to HAL open science.