A Hardware-based Cyber-deception Framework to Combat Malware

Researchers at GW have developed a hardware-based cyber-deception framework that can effectively combat malware that attacks computer systems. The framework works deceptively and transparently: it modifies the underlying malware during program runtime and strategically deflects it from accessing sensitive information associated with or otherwise stored in the system. Owing to its monitoring mechanism and associated feedback mechanism, the framework can also adapt itself to various types of malware known in the art. In summary, the framework can observe a given piece of malware, evaluate its own defense strategy based on those observations, and carefully calibrate its approach to that malware.

The disclosed algorithm/hardware can be implemented as either a system or a method. The system or method can include the following aspects: (i) a module that can dynamically infuse deception instructions into the processor pipeline; and (ii) a module that autonomously manages the operation of the cyber-deception hardware. In one embodiment, the deception module is equipped with programmable masks that can start the infusion of deception instructions when specific key instruction attributes are matched. In another embodiment, the autonomous module can include a feedback-driven autonomous learning agent tasked with crafting appropriate deception instruction templates based on the context of the currently executing malware.

 

Fig. 1 – One example of the disclosed Cyber-deception Framework

Applications:

  • Anti-virus/Anti-Malware or System Defender applications for use in various computer systems
  • Other embedded System Defender applications

Advantages:

  • Active calibration of a given malware’s potency to adjust defense strategies during program runtime

Patent Information: