TY - JOUR
T1 - HPC-based Malware Detectors Actually Work: Transition to Practice After a Decade of Research
AU - Konstantinou, Charalambos
AU - Wang, Xueyang
AU - Krishnamurthy, Prashanth
AU - Khorrami, Farshad
AU - Maniatakos, Michail
AU - Karri, Ramesh
N1 - KAUST Repository Item: Exported on 2022-01-18
PY - 2022
Y1 - 2022
N2 - For the first time in 2011, researchers proposed using Hardware Performance Counters (HPCs) that are built into all processors as a pragmatic yet zero-cost solution for security. Online monitoring of HPCs can defend against malware using anomaly detection. Over the last decade, HPC-based malware detection transitioned from academic research through government transition to industry adoption. We outline this evolution by presenting use cases on critical power grid infrastructure protection as part of the DARPA RADICS program, as well as describing how HPCs are utilized within Intel’s HPC-based Threat Detection Technology (TDT), which is further used by Microsoft Defender for Endpoint.
AB - For the first time in 2011, researchers proposed using Hardware Performance Counters (HPCs) that are built into all processors as a pragmatic yet zero-cost solution for security. Online monitoring of HPCs can defend against malware using anomaly detection. Over the last decade, HPC-based malware detection transitioned from academic research through government transition to industry adoption. We outline this evolution by presenting use cases on critical power grid infrastructure protection as part of the DARPA RADICS program, as well as describing how HPCs are utilized within Intel’s HPC-based Threat Detection Technology (TDT), which is further used by Microsoft Defender for Endpoint.
UR - http://hdl.handle.net/10754/674955
UR - https://ieeexplore.ieee.org/document/9681697/
U2 - 10.1109/MDAT.2022.3143438
DO - 10.1109/MDAT.2022.3143438
M3 - Article
SN - 2168-2364
SP - 1
EP - 1
JO - IEEE Design & Test
JF - IEEE Design & Test
ER -