DOE Patents, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Rootkit detection system

Abstract

A system and method (referred to as the system) detect infectious code. The system injects a repetitive software code that causes malware in a monitored device to render a detectable direct current power consumption profile. A guide wave generator generates a guide wave signal that establishes an observational window that is applied to data that represent a direct current source power consumption of the monitored device. An extraction device extracts a portion of the data that represent the direct current source power consumption of the monitored device. A deviation engine identifies the malware on the monitored device without processing data associated with a prior identification of the malware or identifying a source of the malware or identifying a location of the malware on the monitored device.

Inventors:
Dawson, Joel; Passian, Ali
Issue Date:
Research Org.:
Oak Ridge National Laboratory (ORNL), Oak Ridge, TN (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1840295
Patent Number(s):
11074345
Application Number:
16/427,109
Assignee:
UT-Battelle, LLC (Oak Ridge, TN)
Patent Classifications (CPCs):
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
DOE Contract Number:  
AC05-00OR22725
Resource Type:
Patent
Resource Relation:
Patent File Date: 05/30/2019
Country of Publication:
United States
Language:
English

Citation Formats

Dawson, Joel, and Passian, Ali. Rootkit detection system. United States: N. p., 2021. Web.
Dawson, Joel, & Passian, Ali. Rootkit detection system. United States.
Dawson, Joel, and Passian, Ali. "Rootkit detection system". United States. https://www.osti.gov/servlets/purl/1840295.
@article{osti_1840295,
title = {Rootkit detection system},
author = {Dawson, Joel and Passian, Ali},
abstractNote = {A system and method (referred to as the system) detect infectious code. The system injects a repetitive software code that causes malware in a monitored device to render a detectable direct current power consumption profile. A guide wave generator generates a guide wave signal that establishes an observational window that is applied to data that represent a direct current source power consumption of the monitored device. An extraction device extracts a portion of the data that represent the direct current source power consumption of the monitored device. A deviation engine identifies the malware on the monitored device without processing data associated with a prior identification of the malware or identifying a source of the malware or identifying a location of the malware on the monitored device.},
place = {United States},
year = {2021},
month = {7}
}
