A Brain-inspired Approach for Malware Detection using Sub-semantic Hardware Features

Despite significant efforts to enhance the resilience of computer systems against malware attacks, the abundance of exploitable vulnerabilities remains a significant challenge. While preventing compromises is difficult, traditional signature-based static analysis techniques are susceptible to bypassing through metamorphic/polymorphic malware or zero-day exploits. Dynamic detection techniques, particularly those utilizing machine learning (ML), have the potential to identify previously unseen signatures by monitoring program behavior. However, classical ML models are power and resource intensive and may not be suitable for devices with limited budgets. This constraint creates a challenging tradeoff between security and resource utilization, which cannot be fully addressed through model compression and pruning. In contrast, neuromorphic architectures offer a promising solution for low-power brain-inspired systems. In this work, we explore the novel use of neuromorphic architectures for malware detection. We accomplish this by encoding sub-semantic micro-architecture level features in the spiking domain and proposing a Spiking Neural Network (SNN) architecture for hardware-aware malware detection. Our results demonstrate promising malware detection performance with an 89% F1-score. Ultimately, this work advocates that neuromorphic architectures, due to their low power consumption, represent a promising candidate for malware detection, especially for energy-constraint processors in IoT and Edge devices.