A Raspberry Pi has been trained to detect malware that is actively engaging its victims. The Pi Malware Detection system relies on electromagnetic waves emanating from the potential victim's computer to detect malicious activity. Researchers claim the system achieved accuracy as high as 99.82% during testing.
A team of researchers from the Research Institute of Computer Science and Random Systems (IRISA) has jointly come up with a unique solution to sniff out malware. The Malware Detection System does not intercept any software or investigate data packets flowing in and out of any computer. Instead, the Raspberry Pi estimates, with a surprisingly high degree of accuracy, ongoing malware activity, by analyzing specific electromagnetic (EM) waves.
To develop the malware detection system, researchers hooked up a Raspberry Pi to an oscilloscope (Picoscope 6407) and an H-field probe to detect EM field changes. According to Tom's Hardware, they trained the Single Board Computer (SBC), “with both safe and malicious data sets to help define the parameters of a potential threat”.
Simply put, researchers taught the Raspberry Pi to recognize abnormal patterns of electromagnetic waves that are emitted by computers when they are being attacked by malware. When the researchers tested their solution, the trained Raspberry Pi managed to detect that a malware attack was underway, with an accuracy of 99.82%.
The biggest advantage of a Raspberry Pi Malware Detection system is that it is an external monitoring system. Users do not need to install any software on potential targets. Hence, this system remains completely immune to the countermeasures many types of malware deploy to evade detection or cripple anti-malware systems.
Needless to say, more testing would be needed to fine-tune the system. Moreover, researchers will have to routinely feed the system new malware, to ensure it can confidently detect an ongoing attack, and alert concerned teams.