Faculty Mentor Information
Dr. Jyh-Haw Yeh, Boise State University
Additional Funding Sources
NSF Cloud Computing and Privacy REU Award Number: 2244596
Presentation Date
7-2023
Abstract
In the realm of modern technology, malware has become a paramount concern. Defined as any software designed with malicious intent, malware manifests in numerous types that infect computer systems and devices. As of 2023, executable files account for 53% of computer viruses' spread. Compounded by the emergence of AI and polymorphic malware, attackers have intensified their efforts to obfuscate malicious code, rendering traditional defenses, such as signature-based detection systems, ineffective. To counter the evolving nature of modern malware, the adoption of machine learning (ML) models for detection has gained prominence. These models are able to continuously analyze memory and other data, identifying new patterns and features that aid in uncovering previously hidden malware variants. While ML-based detection systems demonstrate commendable performance, they still have vulnerabilities that necessitate further exploration. In this research proposal, we aim to address the aforementioned gaps and challenges by developing novel techniques to robustify ML-based malware detection systems. Specifically, we will focus on designing a testing framework that utilizes adversarial machine learning to generate AEs as variants of known modern malware datasets. These AEs will simulate real-world attack strategies, thereby enabling researchers to continuously update detection systems and enhance their resilience against emerging threats. Additionally, we will explore the development of comprehensive evaluation methods that incorporate robustness as a central metric to gauge the effectiveness of ML-based detection systems.
Enhancing Malware Analysis and Detection Using Adversarial Machine Learning Techniques
In the realm of modern technology, malware has become a paramount concern. Defined as any software designed with malicious intent, malware manifests in numerous types that infect computer systems and devices. As of 2023, executable files account for 53% of computer viruses' spread. Compounded by the emergence of AI and polymorphic malware, attackers have intensified their efforts to obfuscate malicious code, rendering traditional defenses, such as signature-based detection systems, ineffective. To counter the evolving nature of modern malware, the adoption of machine learning (ML) models for detection has gained prominence. These models are able to continuously analyze memory and other data, identifying new patterns and features that aid in uncovering previously hidden malware variants. While ML-based detection systems demonstrate commendable performance, they still have vulnerabilities that necessitate further exploration. In this research proposal, we aim to address the aforementioned gaps and challenges by developing novel techniques to robustify ML-based malware detection systems. Specifically, we will focus on designing a testing framework that utilizes adversarial machine learning to generate AEs as variants of known modern malware datasets. These AEs will simulate real-world attack strategies, thereby enabling researchers to continuously update detection systems and enhance their resilience against emerging threats. Additionally, we will explore the development of comprehensive evaluation methods that incorporate robustness as a central metric to gauge the effectiveness of ML-based detection systems.