USA flag logo/image

An Official Website of the United States Government

Malware Understanding using Dependence Graphs, Clustering, and Mining.

Award Information

Agency:
Department of Defense 		Branch:
Army 		Award ID:
 Program Year/Program:
2011 / STTR
Agency Tracking Number:
A11A-020-0014 		Solicitation Year:
2011 		Solicitation Topic Code:
A11a-T020 		Solicitation Number:
2011.A
Small Business Information
NOVASHIELD, Inc.
918 Deming Way Floor 3 Madison, WI 53717-1945
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2011
Title: Malware Understanding using Dependence Graphs, Clustering, and Mining.
Agency / Branch: DOD / ARMY
Contract: W911NF-11-C-0241
Award Amount: $100,000.00
 

Abstract:

The number of distinct malware being released into the wild is growing at an alarming rate. Some IT security companies are seeing more than 5,000 new malware instances each day. IT security companies can no longer keep pace with this deluge using manual, labor-intensive malware analysis techniques for generating specifications that detect them. There is a need for proven and deployable automated malware analysis techniques that can analyze large volumes of malware quickly and accurately. Researchers performing work in the area of behavior-based malware analysis are exploring new techniques that will address this problem: automated dependence graph construction; graph mining tools that identify specific behaviors in a dependence graph; semi-automated specification generation; and malware classification using clustering techniques. In this Phase I STTR proposal, NovaShield, Inc. will focus on malware understanding and aspects of malware classification. More specifically, NovaShield will concentrate on dependence graph construction algorithms that build rich dependence graphs efficiently, as well as clustering techniques that organize malware into families based on their behavior profiles. This will lay the groundwork for creating techniques that perform behavior mining and automated generation of behavior specifications for detecting malware, which will be pursued in Phase II.

Principal Investigator:

Gregory Zelesnik
Director, NovaShield Labs
(608) 833-2610
gzelesnik@novashield.com

Business Contact:

Praveen Sinha
Chief Executive Officer
(608) 833-2610
psinha@novashield.com
Small Business Information at Submission:

NovaShield, Inc
918 Deming Way Floor 3 Madison, WI 53717-1945

EIN/Tax ID: 203771937
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
Research Institution Information:
University of Wisconsin - Madison
21 N. Park Street
Room 6410
Madison, WI 53715-
Contact: Cheryl E. Gest
Contact Phone: (608) 262-4880