Malicious software, or malware, is a type of coded program designed to damage or hack computer systems. Often, malware disables a user's control of the computer, consequently leaving the user's sensitive information vulnerable. Even though various types of firewall, anti-virus, and network security software all serve as layers of defense, they only define a malware's binary features (attributes), such as referencing or not referencing a set of data, starting or stopping a process, etc. However, identifying the higher-level purpose (tasks) malware may perform (e.g., logging keystrokes, taking a screenshot, establishing remote access, etc.) requires trained analysts. With malware programmers writing more complex and resistant code, computer scientists look to improve malware task identification by shifting toward a more automated method.
Researchers at ASU have developed an automated way of identifying malware tasks by combining dynamic malware analysis with cognitive modeling. Scientists dubbed this method "Adaptive Control of Thought–Rational (ACT-R)" due to its human-based, cognitive modeling method. The system compares a given malware's traits to existing malware families in a database. For each family the malware could belong to, the system assigns a probability, and it returns a set of predicted tasks the malware will perform. Any new malware traits remain in the system for future comparison. The system's human-based functionality can apply various traits from different malware families to characterize new, unknown malware. The cognitive, dynamic analysis approach effectively models an analyst's decision-making ability, easily adapts to unknown malware, and ultimately prevents computer system hacking and damage.
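The compare, score and predict loop described above can be sketched as follows. This is an added example, not the ASU system's code: a Jaccard similarity-weighted vote stands in for the ACT-R model, whose internals this page does not describe, and every family, attribute and task name is constructed for illustration.

```python
from collections import defaultdict

# Constructed database of analysed samples: family label, binary attributes seen
# during dynamic analysis, and analyst-assigned tasks. All names are made up.
KNOWN = [
    {"family": "keylog_family", "attrs": {"hooks_keyboard", "writes_file", "creates_process"}, "tasks": {"keylogging"}},
    {"family": "keylog_family", "attrs": {"hooks_keyboard", "writes_file", "reads_registry"}, "tasks": {"keylogging"}},
    {"family": "rat_family", "attrs": {"opens_socket", "creates_process", "captures_screen"}, "tasks": {"remote_access", "screenshot"}},
    {"family": "rat_family", "attrs": {"opens_socket", "creates_process", "hooks_keyboard"}, "tasks": {"remote_access", "keylogging"}},
]
# Constructed attributes of a new, unlabelled sample.
SAMPLE = {"hooks_keyboard", "writes_file", "opens_socket"}

def jaccard(a, b):
    """Overlap of two attribute sets, 0.0 (disjoint) to 1.0 (identical)."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def _weights(attrs, known):
    """Each stored sample's share of the total similarity to attrs."""
    sims = [jaccard(attrs, s["attrs"]) for s in known]
    total = sum(sims)
    return [sim / total if total else 0.0 for sim in sims]

def family_probabilities(attrs, known):
    """Probability per family: the summed weights of that family's samples."""
    probs = defaultdict(float)
    for w, s in zip(_weights(attrs, known), known):
        probs[s["family"]] += w
    return dict(probs)

def predict_tasks(attrs, known, threshold=0.4):
    """Tasks whose weighted support across all families reaches threshold."""
    support = defaultdict(float)
    for w, s in zip(_weights(attrs, known), known):
        for task in s["tasks"]:
            support[task] += w
    return {t for t, p in support.items() if p >= threshold}

def analyse(attrs, known, threshold=0.4):
    """Score a sample, then keep its traits in the database for later comparisons."""
    probs = family_probabilities(attrs, known)
    tasks = predict_tasks(attrs, known, threshold)
    best = max(probs, key=probs.get) if any(probs.values()) else "unknown"
    # Stored labels are predictions, not analyst ground truth (assumption of this sketch).
    known.append({"family": best, "attrs": set(attrs), "tasks": tasks})
    return probs, tasks

if __name__ == "__main__":
    print(analyse(SAMPLE, [dict(s) for s in KNOWN]))
```

For the constructed sample the most probable family is `keylog_family`, yet the predicted tasks also include `remote_access`, because task support is pooled across families rather than copied from the single best match.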
Potential Applications
Benefits and Advantages
For more information about the inventor(s) and their research, please see:
Dr. Paulo Shakarian's directory webpage