HPC-based Malware Detectors Actually Work: Transition to Practice After a Decade of Research
Permanent link to this record: http://hdl.handle.net/10754/674955
Abstract: For the first time in 2011, researchers proposed using Hardware Performance Counters (HPCs) that are built into all processors as a pragmatic yet zero-cost solution for security. Online monitoring of HPCs can defend against malware using anomaly detection. Over the last decade, HPC-based malware detection transitioned from academic research through government transition to industry adoption. We outline this evolution by presenting use cases on critical power grid infrastructure protection as part of DARPA RADICS program, as well as describing how HPCs are utilized within Intel’s HPC-based Threat Detection Technology (TDT), which is further used by Microsoft Defender for Endpoint.
Citation: Konstantinou, C., Wang, X., Krishnamurthy, P., Khorrami, F., Maniatakos, M., & Karri, R. (2022). HPC-based Malware Detectors Actually Work: Transition to Practice After a Decade of Research. IEEE Design & Test, 1–1. doi:10.1109/mdat.2022.3143438
Journal: IEEE Design & Test