You are here
Semi-Supervised Algorithms against Malware Evolution (SESAME)
Title: Principal Scientist
Phone: (617) 491-3474
Email: apfeffer@cra.com
Title: Contracts Manager
Phone: (617) 491-3474
Email: mfelix@cra.com
Contact: Ruth Landry
Address:
Phone: (337) 482-5811
Type: Nonprofit College or University
ABSTRACT: Recent years have seen an explosion in the number and sophistication of malware attacks. The sheer volume of novel malware has made purely manual signature development impractical and has led to research on applying machine learning and data mining to automatically infer malware signatures in the wild. Unfortunately, researchers have recently found ways to game the machine learning algorithms and learn to predict which samples the learning algorithms will classify as benign or malicious, thus opening the door for innovative deception on the part of malware developers. To counter this threat, we propose Semi-Supervised Algorithms against Malware Evolution (SESAME), which uses online learning to evolve as new malware is encountered, recognizing novel families and adapting its model of families as they themselves evolve. It uses semi-supervised learning to enable it to learn from both labeled and unlabeled malware. SESAME combines a rich feature set with deep learning algorithms to learn the essential characteristics of malware that enable us to relate novel malware to existing malware. SESAME will be designed to be an enterprise-based system with rapid endpoint classification and learning in the cloud. BENEFIT: SESAME has profound potential benefit to both military and commercial network defense. It can assist network defenders by triaging incoming samples, identifying novel malware samples, and indicating which samples require further analysis. SESAME can be of benefit in military settings, such as a potential Air Force cyber operations center. SESAME can also be of benefit to Fortune 500 companies who have large networks to defend and limited expert manpower.
* Information listed above is at the time of submission. *