2018 Technology Innovation Program Heartbeat
Abstract
Heartbeat responds to this problem by focusing instead on the physical behavior of the device being protected, under the hypothesis that malware infection will produce a measurable change in the power consumption state of a device that can be picked up by an outside detector. All code execution uses power, so the execution of malware—especially polymorphic variants—will leave a trace on a power consumption record. The Heartbeat system collects power trace measurements directly from the hardware and so is invisible to malware and resilient to internet service interruption. By collecting power measurement data only during the periodic invocation of a single or of several system functions, Heartbeat will address several challenges that plague current anomaly-based intrusion detection systems and is operational-context agnostic.
- Publication Date:
- Research Org.:
- Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
- Sponsoring Org.:
- USDOE Office of Science (SC)
- OSTI Identifier:
- 1464786
- Resource Type:
- Multimedia
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 97 MATHEMATICS AND COMPUTING; HEARTBEAT; COMPUTERS; MALWARE; POWER GRID; COMPUTATIONAL SCIENCE
Citation Formats
. 2018 Technology Innovation Program Heartbeat. United States: N. p., 2018.
Web.
. 2018 Technology Innovation Program Heartbeat. United States.
. Fri .
"2018 Technology Innovation Program Heartbeat". United States. https://www.osti.gov/servlets/purl/1464786.
@article{osti_1464786,
title = {2018 Technology Innovation Program Heartbeat},
author = {},
abstractNote = {Heartbeat responds to this problem by focusing instead on the physical behavior of the device being protected, under the hypothesis that malware infection will produce a measurable change in the power consumption state of a device that can be picked up by an outside detector. All code execution uses power, so the execution of malware—especially polymorphic variants—will leave a trace on a power consumption record. The Heartbeat system collects power trace measurements directly from the hardware and so is invisible to malware and resilient to internet service interruption. By collecting power measurement data only during the periodic invocation of a single or of several system functions, Heartbeat will address several challenges that plague current anomaly-based intrusion detection systems and is operational-context agnostic.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2018},
month = {7}
}