LAUSR

Malware is a major threat to present-day computing systems. With the rapid growth of Internet of Things (IoT) devices and their usage in safety critical systems, security has become increasingly important. Securing IoT devices is a challenge for designers, as they are generally resource constrained, which makes real-time software-based malware detection difficult or infeasible. A promising alternative approach is to utilize intrinsic hardware-based malware detectors to alleviate power and performance overheads. In this brief, we introduce a novel Hardware Immune System (HWIS), a stand-alone, hardware-supported malware detection approach for microprocessors that leverages Artificial Immune Systems for detecting botnet activity. This technique is intended for low-power, resource constrained and network facing embedded devices. The proposed model is capable of detecting botnet behavior with an accuracy of 96.7% and F1-score of 0.96. The technique is implemented in hardware and verified using Spartan-7 FPGA. Our technique achieves power, LUTs, FFs, DSPs, and BRAMs utilization overheads of 0.6%, 8.5%, 11.8%, 0%, and 0%, respectively, with no impact on delay using the RISC-V CPU as a baseline.