Detecting air-gapped attacks using machine learning
Institution: 1. School of Information Engineering, Zhengzhou University, Zhengzhou 450001, China; 2. National Institute of Telecommunications (Inatel), Santa Rita do Sapucaí, MG, Brazil; 3. Instituto de Telecomunicações, Portugal; 4. University of Fortaleza (UNIFOR), Fortaleza, CE, Brazil; 5. School of Computer Science and Engineering, Beihang University, Beijing 100191, China; 6. School of Computer Science, Xidian University, Xi'an 710071, China
Abstract: GSMem malware can attack a computer that is physically connected to no network. However, up to now, none of the existing techniques can detect GSMem attacks. To address this problem, this paper puts forward a new method based on Machine Learning (ML), including Logistic Regression (LR), Random Forest (RF), Support Vector Machine (SVM), Boosted Tree (BT), Back-Propagation Neural Networks (BPNN) and Naive Bayes Classifier (NBC). First, we use a large quantity of data, in terms of the frequencies and amplitudes of some electromagnetic waves, to train our models. Then, we use the obtained models to predict whether or not a GSMem attack occurs, according to a given frequency and amplitude. In short, the GSMem intrusion detection problem is reduced to an ML binary classification problem; the former is an open problem, while the latter has been solved. As a result, the former problem can, in principle, be solved in this way. The simulated experiments show that the new method has the potential to detect a GSMem attack, with low False Positive Rates (FPR) and low False Negative Rates (FNR).
Keywords: Air-gapped computers; GSMem; Machine learning
This document has been indexed by ScienceDirect and other databases.