Rootkit detection system
Abstract
A system and method (referred to as the system) detect infectious code. The system injects a repetitive software code that causes malware in a monitored device to render a detectable direct current power consumption profile. A guide wave generator generates a guide wave signal that establishes an observational window that is applied to data that represent a direct current source power consumption of the monitored device. An extraction device extracts a portion of the data that represent the direct current source power consumption of the monitored device. A deviation engine identifies the malware on the monitored device without processing data associated with a prior identification of the malware or identifying a source of the malware or identifying a location of the malware on the monitored device.
- Inventors: Dawson, Joel; Passian, Ali
- Issue Date:
- Research Org.: Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
- Sponsoring Org.: USDOE
- OSTI Identifier: 1840295
- Patent Number(s): 11074345
- Application Number: 16/427,109
- Assignee: UT-Battelle, LLC (Oak Ridge, TN)
- Patent Classifications (CPCs): G - PHYSICS; G06 - COMPUTING; G06F - ELECTRIC DIGITAL DATA PROCESSING
- DOE Contract Number: AC05-00OR22725
- Resource Type: Patent
- Resource Relation: Patent File Date: 05/30/2019
- Country of Publication: United States
- Language: English
Citation Formats
Dawson, Joel, and Passian, Ali. Rootkit detection system. United States: N. p., 2021. Web.
Dawson, Joel, & Passian, Ali. Rootkit detection system. United States.
Dawson, Joel, and Passian, Ali. Tue . "Rootkit detection system". United States. https://www.osti.gov/servlets/purl/1840295.
@article{osti_1840295,
title = {Rootkit detection system},
author = {Dawson, Joel and Passian, Ali},
abstractNote = {A system and method (referred to as the system) detect infectious code. The system injects a repetitive software code that causes malware in a monitored device to render a detectable direct current power consumption profile. A guide wave generator generates a guide wave signal that establishes an observational window that is applied to data that represent a direct current source power consumption of the monitored device. An extraction device extracts a portion of the data that represent the direct current source power consumption of the monitored device. A deviation engine identifies the malware on the monitored device without processing data associated with a prior identification of the malware or identifying a source of the malware or identifying a location of the malware on the monitored device.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2021},
month = {7}
}
Works referenced in this record:
Secure device and method for preventing side channel attack
patent, December 2012
- Kim, Ju Han; Kang, You Sung; Choi, Doo Ho
- US Patent Document 8,341,758
Generic rootkit detector
patent-application, March 2007
- Polyakov, Alexey A.; Cowie, Neil A.
- US Patent Application 11/210565; 20070055711
Threat detection using hardware physical properties and operating system metrics with AI data mining
patent-application, October 2020
- Ngo, HuyAnh D.; Martinez Castellanos, Juan A.; Tummalapenta, Srinivas B.
- US Patent Application 16/380970; 20200327255
System and method for detecting energy consumption anomalies and mobile malware variants
patent, December 2012
- Kim, Hahnsang; Shin, Kang G.
- US Patent Document 8,332,945
Phase-Space Detection of Cyber Events
conference, April 2015
- Hernández, Jarilyn M.; Ferber, Aaron; Prowell, Stacy
- Proceedings of the 10th Annual Cyber and Information Security Research Conference
Systems and methods for securing the power supply of command means of a microcircuit card in case of attack
patent, May 2013
- Morin, Nicolas; Giraud, Christophe
- US Patent Document 8,453,261
Method and apparatus for profiling power performance of software applications
patent-application, August 2005
- Banginwar, Rajesh; Gorbatov, Eugene
- US Patent Application 10/773860; 20050177327
Detecting software attacks by monitoring electric power consumption patterns
patent, January 2011
- Jacoby, Grant A.; Davis, Nathaniel; Marchany, Randolph C.
- US Patent Document 7,877,621
Code injection technique for remediation at an endpoint of a network
patent, November 2019
- Ismael, Osman Abdoul
- US Patent Document 10,474,813
Using power fingerprinting (PFP) to monitor the integrity and enhance security of computer based systems
patent, February 2016
- Reed, Jeffrey H.; Aguayo Gonzalez, Carlos R.
- US Patent Document 9,262,632
Method and Apparatus for Clearing Malicious Power-Consuming Application, and User Terminal
patent-application, February 2016
- Gou, Junwei; Li, Wei; Zhuang, Zhishan
- US Patent Application 14/927545; 20160048682
Unsupervised detection of anomalous processes using hardware features
patent, June 2018
- Sethumadhavan, Lakshminarasimhan; Tang, Adrian J.; Stolfo, Salvatore J.
- US Patent Document 9,996,694
System and method for monitoring power consumption to detect malware
patent-application, November 2018
- Prowell, Stacy J.; Nichols, Jeffrey A.; Hernandez Jimenez, Jarilyn M.
- US Patent Application 15/980045; 20180330091