Ever-growing malware threats call for effective, yet efficient, mitigation techniques. Machine learning offers a promising solution to malware defense because of the scalability and automation it brings. Machine learning techniques are, however, not a panacea against advanced malware attacks in which cyber criminals carefully craft malware features to evade detection. The root cause of such attacks can be attributed to the passive nature of existing machine learning-based malware defense systems.

Our project aims to enhance these systems with a novel moving target strategy. Our method differs from traditional methods that use feature selection schemes to search for a static subset of features for malware detection or classification. In contrast, our approach dynamically changes the features used to train a classification model for predicting future malware attacks. To prevent adversarial correlation analysis, our method uses a random walk technique to ensure that features used across different predictive models have low mutual information. We further study the effectiveness of the moving target approach in enhancing machine learning-based malware defense under various evasion strategies by malware attackers. If successful, this research will introduce a promising new strategy for mitigating the ever-growing malware threats.
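The feature-rotation idea described above can be sketched as follows. This is an added example, not code from the funded project: the function names, the threshold, and the specific walk rule (hop only between features that share little information with the previous model's features) are assumptions made for illustration, and the feature matrix is constructed.

```python
import math
import random
from collections import Counter
from itertools import product

def mutual_information(xs, ys):
    """Empirical mutual information (bits) between two discrete columns."""
    n = len(xs)
    joint, px, py = Counter(zip(xs, ys)), Counter(xs), Counter(ys)
    return sum((c / n) * math.log2(c * n / (px[x] * py[y]))
               for (x, y), c in joint.items())

def next_feature_set(columns, previous, k, threshold, rng):
    """Hypothetical rotation step: random walk over features that share
    less than `threshold` bits with every feature of the previous model.
    Each hop also avoids redundancy with the feature just visited."""
    mi = lambda i, j: mutual_information(columns[i], columns[j])
    allowed = [f for f in range(len(columns)) if f not in previous
               and all(mi(f, p) < threshold for p in previous)]
    if not allowed:           # nothing is uncorrelated with the old model
        return []
    current = rng.choice(allowed)
    chosen = [current]
    while len(chosen) < k:
        hops = [f for f in allowed if f not in chosen
                and mi(current, f) < threshold]
        if not hops:          # walk is stuck: return a smaller set
            break
        current = rng.choice(hops)
        chosen.append(current)
    return chosen

# Constructed sample: 4 independent latent bits, each exposed as two
# identical binary features (columns 0-1, 2-3, 4-5, 6-7).
ROWS = list(product([0, 1], repeat=4))
COLUMNS = [[row[i // 2] for row in ROWS] for i in range(8)]

if __name__ == "__main__":
    rng = random.Random(7)
    model_1 = [0, 2]          # features used by the current classifier
    model_2 = next_feature_set(COLUMNS, model_1, k=2, threshold=0.1, rng=rng)
    print("model 1:", model_1, "-> model 2:", model_2)
```

An attacker who has inferred which features the first model relies on learns nothing about the second model's features from them, because every selected feature has zero mutual information with the earlier set in this constructed data.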

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Standard Grant (Standard)
Application #: 1618631
Program Officer: Wei-Shinn Ku
Project Start:
Project End:
Budget Start: 2016-09-01
Budget End: 2021-08-31
Support Year:
Fiscal Year: 2016
Total Cost: $349,906
Indirect Cost:

Name: SUNY at Binghamton
Department:
Type:
DUNS #:
City: Binghamton
State: NY
Country: United States
Zip Code: 13902