Researchers Set To Work On Malware-Detecting CPUs (helpnetsecurity.com) 40

Orome1 quotes a report from Help Net Security: Adding hardware protections to software ones in order to block the ever increasing onslaught of computer malware seems like a solid idea, and a group of researchers have just been given a $275,000 grant from the National Science Foundation to help them work on a possible solution: malware-detecting CPUs. This project, titled "Practical Hardware-Assisted Always-On Malware Detection," will be trying out a new approach: they will modify a computer's CPU chip to feature logic checks for anomalies that can crop up while software is running. "The modified microprocessor will have the ability to detect malware as programs execute by analyzing the execution statistics over a window of execution," Ponomarev noted. "Since the hardware detector is not 100-percent accurate, the alarm will trigger the execution of a heavy-weight software detector to carefully inspect suspicious programs. The software detector will make the final decision. The hardware guides the operation of the software; without the hardware the software will be too slow to work on all programs all the time."
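The two-stage arrangement described in the summary, as an added example that is not from the article or the researchers: a cheap per-window check runs on every program and only its alarms reach a slow detector, which makes the final call. The feature names, sample values, threshold and the `heavy_scan` stand-in are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed per-window execution statistics. The two features are assumptions
# for illustration; the article does not say which statistics are measured.
# (program, indirect-branch rate, memory-write rate), one tuple per window
WINDOWS = [
    ("editor",   0.10, 0.20), ("editor",   0.12, 0.22),
    ("browser",  0.35, 0.40), ("browser",  0.30, 0.45),
    ("compiler", 0.30, 0.55), ("compiler", 0.62, 0.58),  # one bursty window
    ("dropper",  0.70, 0.80), ("dropper",  0.75, 0.85),
]
THRESHOLD = 1.1  # assumed alarm threshold on the summed rates

def hw_alarm(branch_rate, write_rate):
    """Stage 1: cheap, always-on, imprecise check of a single window."""
    return branch_rate + write_rate >= THRESHOLD

def heavy_scan(trace):
    """Stage 2 stand-in: slower check over the program's whole trace.
    It makes the final decision, as the software detector does in the article."""
    scores = [b + w for b, w in trace]
    return sum(scores) / len(scores) >= THRESHOLD

def run(windows):
    traces = defaultdict(list)
    for program, b, w in windows:
        traces[program].append((b, w))
    alarms, confirmed = set(), set()
    for program, b, w in windows:
        if program not in alarms and hw_alarm(b, w):
            alarms.add(program)               # hardware raises the alarm
            if heavy_scan(traces[program]):   # software decides
                confirmed.add(program)
    return {"alarms": alarms, "confirmed": confirmed,
            "heavy_scans": len(alarms), "programs": len(traces)}

if __name__ == "__main__":
    print(run(WINDOWS))
```

On this constructed data the first stage flags two of four programs, and the second stage clears the bursty but benign one, so the slow detector runs twice instead of four times.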
  • outstanding product safety record
  • by Anonymous Coward

    The software will make the final decision... oh so you mean just like it already does, got it.

  • In no way is this a good idea. No software is perfect, doubly so for security software. That includes the microcode this hardware is based on. Go ahead, implement it in hardware, which by definition cannot be upgraded or patched. Soon enough someone will find a vulnerability, and then an exploit, and there's nothing you can do to mitigate it beyond just buying newer hardware.

  • Not the first (Score:4, Interesting)

    by campuscodi ( 4234297 ) on Friday November 11, 2016 @06:02PM (#53268375)
    Since 2014 I've been reading about hardware-based detection. I'm starting to think this is just panacea... like those cloud-based antivirus engines that never picked up anything. Here's a bunch of research on the topic: http://www.ieee-security.org/T... [ieee-security.org] http://caslab.eng.yale.edu/wor... [yale.edu] http://www.cs.binghamton.edu/~... [binghamton.edu] http://www.cs.binghamton.edu/~... [binghamton.edu]
    • Intel tried to do something like this with their acquisition of McAfee, only to spin off (sell) the company a few years later.

      Anybody know enough to explain how this is different?
  • fool's errand (Score:5, Insightful)

    by Gravis Zero ( 934156 ) on Friday November 11, 2016 @06:34PM (#53268509)

    The second you make hardware look for a pattern, they will design malware to violate that pattern and go undetected. This is a fool's errand.

    • 1. Make a program that asks the CPU if it's malware.
      2. Have the program do malwary stuff if the CPU says it's not malware, and do benign stuff otherwise.
      3. Profit! (Or laugh.)
  • This is the sort of stuff Intel should have developed with their McAfee acquisition.

    Companies seem to think innovation starts and ends with 'identifying potential synergies', 'acquisition', then "....profit!!!".

    For instance, eBay + Skype. They could have done something snazzy -- say, eBay seller webinars combining web video+VoIP (downstream), and landline/mobile audio (conversation/questions sent upstream asynchronously). So the landline carries part of the audio spectrum. Instead, they just went 'BAU

  • Some form of cartridge system with a flap on the top. Externally flash chip and the user has a read only chip with new definitions and behavioural analysis.
    Fast, protected and total overview of all the hardware and software of the computer, network and OS.
    Display checksums of every upgradable part of the hardware and software.
    • I presume websites will be replaced with mail order catalogs from which appropriate site cartridges will arrive in 4-6 weeks?

  • by Anonymous Coward

    This idea has everything to do with vendor lock-in & DRM; don't let it get outta the gate.

  • Adding hardware protections to software ones in order to block the ever increasing onslaught of computer malware seems like a solid idea
    No it doesn't. Fix the real problem
