Apply online to license this technology
Using conventional techniques, portable devices and wireless networks can be difficult to protect from malicious code. Common techniques for protecting a computer system from software attacks, such as antivirus programs and firewalls, typically employ a scanning function to detect known malicious code. All downloaded, executed code or network message packets are scanned for instructions or other signatures known to be present in worms or viruses. This technique is problematic when employed in portable devices because it can greatly increase power consumption and thereby reduce battery life. Also, scanning for malicious code can significantly reduce the performance of the microprocessors found in portable devices, since portable devices typically have relatively limited processing capability.
The Navy has developed a hardware/software solution capable of detecting undesired software attacks, worms, denial of service, flooding, or viruses on portable devices. The device includes a current sensing resistor for detecting an amount of electrical power or current consumed by the device. In operation, a threshold detector compares the amount of detected electrical power to a threshold value. If the detected electrical power consumption is higher than the threshold value, then it is likely that undesired software is operating, and an alert is sent to the user, microprocessor, or network administrator. This allows for the deployment of detailed and powerful antivirus tools. The device may include a network interface circuit (NIC) and a microprocessor. The sensor can detect an amount of power flowing to the NIC and microprocessor individually (the NIC and microprocessor can each have an associated sensor).
- Well suited for use in protecting mobile, battery-powered devices from malicious software attacks
- Power consumption can be detected once per second and the threshold value can be reduced when the monitored device enters sleep mode
- US patent 7,877,621 available for express licensing
- This technology has been tested against several software-based methods of malicious code detection. Data available