    Identifying stealth malware using CPU power consumption and learning algorithms

    Article (669.0Kb)
    Date
    2018
    Author
    Luckett, Patrick
    McDonald, J. Todd
    Glisson, William Bradley
    Benton, Ryan
    Dawson, Joel
    Doyle, Blair A.
    Abstract
    With the increased assimilation of technology into all aspects of everyday life, rootkits pose a credible threat to individuals, corporations, and governments. Using various techniques, rootkits can infect systems and remain undetected for extended periods of time. This threat necessitates the careful consideration of real-time detection solutions. Behavioral detection techniques allow for the identification of rootkits with no previously recorded signatures. This research examines a variety of machine learning algorithms, including Nearest Neighbor, Decision Trees, Neural Networks, and Support Vector Machines, and proposes a behavioral detection method based on low yield CPU power consumption. The method is evaluated on Windows 10, Ubuntu Desktop, and Ubuntu Server operating systems along with employing three different rootkits. Relevant features within the data are calculated and the overall best performing algorithms are identified. A nested neural network is then applied that enables highly accurate data classification. Our results present a viable method of rootkit detection that can operate in real-time with minimal computational and space complexity.
    URI
    https://hdl.handle.net/20.500.11875/2420
    Collections
    • Cyber Forensics Intelligence Center
    • Department of Computer Science
    Citation
    Patrick Luckett, J. Todd McDonald, William B. Glisson, Ryan Benton, Joel Dawson, Blair A. Doyle, "Identifying stealth malware using CPU power consumption and learning algorithms". Journal of Computer Security 26(2018) 589-613. DOI 10.3233/JCS-171060
    Description
    This is a post-print version of this article. To see the final version, go to the following citation: Patrick Luckett, J. Todd McDonald, William B. Glisson, Ryan Benton, Joel Dawson, Blair A. Doyle, "Identifying stealth malware using CPU power consumption and learning algorithms". Journal of Computer Security 26(2018) 589-613. DOI 10.3233/JCS-171060

    DSpace software copyright © 2002-2016  DuraSpace