NU 2025-002
INVENTORS
SHORT DESCRIPTION
For cybersecurity firms, GLAMP is a framework that proactively generates novel malware variants to train detectors and improve defense against future attacks.
BACKGROUND
Traditional antivirus systems struggle with evolving threats and limited malware samples. Current solutions react only after malware is identified. This creates a high cost and lag in defense, leaving a significant gap in proactive cybersecurity strategies.
ABSTRACT
GLAMP addresses the challenge of adaptive malware by generating variants of known malware. The framework formalizes the malware generation problem and integrates novel variant generation algorithms with an adversarial training model. Experiments show that GLAMP successfully evades 11 white box classifiers and 4 commercial detectors. The system enhances malware prediction by exposing classifiers to both historical and generated malware samples.
MARKET OPPORTUNITY
The global market for Endpoint Detection and Response (EDR) is a direct response to the failures of traditional antivirus and was valued at approximately $4.1 billion in 2024. It is projected to reach $11.85 billion by 2029, growing at a rapid compound annual growth rate (CAGR) of 23.65%. This growth is fueled by the escalating volume and sophistication of zero-day exploits, fileless malware, and ransomware that easily bypass legacy signature-based systems. The primary market consists of enterprises, mid-market businesses, and government agencies seeking to close the critical security gap left by reactive solutions. (Source: Mordor Intelligence: "Endpoint Detection and Response (EDR) Market Size & Share Analysis - Growth Trends & Forecasts (2024 - 2029)").
DEVELOPMENT STAGE
TRL-4 - Prototype Validated in Lab: A laboratory-scale prototype has demonstrated key functions, including novel malware generation and successful evasion of multiple detection systems.
APPLICATIONS
ADVANTAGES
PUBLICATIONS
IP STATUS
US Patent Pending