ENHANCED DETECTION OF MALWARE
A significant development in the malware landscape in recent years is the ability of hackers to monetize compromised platforms by (1) gathering valuable information that can be sold, (2) using the platform’s resources to aid in an illicit or unwanted activity, or (3) holding information contained on the platform for ransom. Because the attacker’s potential monetary reward increases the longer the malware goes undetected, malware that can mask its presence from traditional security agents has re-emerged. This type of malware is referred to as stealth malware. Researchers and industry have found novel uses for cloud computing to detect malware. In this article, we present an overview of these uses and identify their shortcomings. We present a cloud-computing-based architecture that improves the resiliency of the existing solutions, and we describe our prototype that is based on existing Intel platforms. We examine the new firmware that makes the existing architecture more robust. Our new platform-based tool can be utilized by security providers to help them keep pace with stealthy malware.