[Defense] Dynamic Analysis and Representation Learning For Malware Family Classification
Tuesday, December 14, 2021
12:00 pm - 1:00 pm
In Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy
Ayman El Aassal
will defend his proposal
Dynamic Analysis and Representation Learning For Malware Family Classification
Abstract
The current research on malware detection focuses on the binary classification of benign vs. malicious samples. However, cyber security researchers rarely focus on the multiclass classification problem of malware families and their variants. Many static detection tools use a signature-based approach, which leads to the proliferation of malware variants. Solving this problem will have a considerable impact since correctly classifying the malware category implies knowing the malware’s behavior on the target system, which leads to an efficient response of the security team. To fill this gap in the malware detection and classification research, we first address the dataset availability and quality issues found in the literature by suggesting using a new dataset and proper ground truth labeling methods. Then we propose a new way of analyzing malware execution traces with NLP and behavior graphs and compare these two methods using machine learning models on the new dataset. After achieving good accuracy with graph features, we apply Representation Learning methods on malware behavior graphs, significantly improving our model’s performance. The performance encouraged us to explore the field of Machine Learning with Graphs and apply Graph Neural Networks on malware behavior graphs not only for classification but also to extend their application to detecting new malware variants.
Tuesday, December 14, 2021
12:00 PM - 1:00 PM CT
Online via Zoom
Dr. Stephen Huang, dissertation advisor
Faculty, students and the general public are invited.
