Chaire Cyber CNI

Chaire Cyber CNI – Cybersecurity for Critical Networked Infrastructures

We won CREACH Labs PhD thesis funding!

Our multidisciplinary team around Marc-Oliver Pahl (Professor, Chaire cyberCNI.fr, IMT Atlantique, UMR IRISA/SOTERN, Rennes), Yehya Nasser (Maitre de Conférence, IMT Atlantique/Lab-STICC/2AI, Brest, France) and Mohammed Nassar (Associate Professor, University of New Haven, Cyber-Crime Center, USA) won prestigious CREACH Labs funding for research on a “Realtime AI-Based Power Assisted Malware Predictor”!

Now we are looking for an exceptionally talented PhD student to develop this project with us.

As the title suggests, we want to detect malware by looking at hardware side-channel information, using Machine Learning (ML) / Artificial Intelligence (AI). Malicious software is considered a critical security problem in modern computational systems. Detection of malware in these systems is emerging as an effective solution to increasing security threats [Nisarg2017]. Anti-virus software is not enough to detect malware, especially given the advancement of malware evasion techniques that integrate new obfuscation features [Zhixin2021]. Recent research outcomes show the importance of exploiting hardware features such as hardware performance counters (HPCs) and power consumption in hardware security.

In this project, we propose real-time, power-assisted, AI-based malware detection for modern processors integrated in the Industrial Internet of Things (IIoT). We will conduct an in-depth analysis of the practicalities of integrating power consumption profiles and execution performance (of an application running on a processing system) into AI models for malware detection on the emerging RISC-V ISA (Instruction Set Architecture). In parallel, deep learning (DL) will be used for malware analysis, binary (malware vs. benign) classification and malware family classification. DL has been found effective at replacing manual feature engineering (e.g., MalConv). The advantage of DL is that it can consume raw malware data, including hardware features such as power consumption and software features such as execution performance indicators.

  • [Zhixin2021] Pan, Zhixin, et al. Hardware-Assisted Malware Detection using Machine Learning. DATE, 2021.
  • [Nisarg2017] Patel, Nisarg, et al. Analyzing hardware-based malware detectors. 54th ACM/EDAC/IEEE Design Automation Conference (DAC), 2017.

About CREACH Labs

In 2021, CREACH Labs was founded by the actors DGA, AID, the Brittany Region, ANSSI, CNRS, CentraleSupélec, ENIB, ENS Rennes, ENSTA Bretagne, IMT Atlantique, Inria, INSA, UBO, UBS, UR1, and UR2. The goal of CREACH Labs is to foster excellent scientific research projects.

In addition to the criteria of excellence proper to any scientific evaluation (originality, ambition, positioning in relation to the state of the art, etc.), the jury will particularly appreciate proposals having at least one of the following characteristics:

  • Subjects highlighting a strong synergy with DGA Maitrise de l’information’s SSI cluster and/or that are part of the region’s specialization strategy (S3);
  • Projects highlighting synergies between different teams, exploring the interest of new techniques in the field of security (for example in the field of law, sociology, geopolitics, etc.).

Marc-Oliver Pahl
