Collaborative Research: SaTC: EDU: Artificial Intelligence Assisted Malware Analysis

合作研究：SaTC：EDU：人工智能辅助恶意软件分析

• 批准号: 2025686
• 负责人: Mahmoud Abdelsalam
• 金额: $ 11.39万
• 依托单位: Manhattan College
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-08-01 至 2021-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2025686&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; EDU; Artificial

The use of Artificial Intelligence (AI) and Machine Learning (ML) to solve cybersecurity problems has been gaining traction within industry and academia, in part as a response to widespread malware attacks on critical systems, such as cloud infrastructures, government offices or hospitals, and the vast amounts of data they generate. AI- and ML-assisted cybersecurity offers data-driven automation that could enable security systems to identify and respond to cyber threats in real time. However, there is currently a shortfall of professionals trained in AI and ML for cybersecurity. This project will address the shortfall by developing lab-intensive modules that enable undergraduate and graduate students to gain fundamental and advanced knowledge in applying AI and ML techniques to real-world datasets to learn about Cyber Threat Intelligence (CTI), malware analysis, and classification, among other important topics in cybersecurity. The proposed project will impact more than 400 students annually and is uniquely poised to provide opportunities to a diverse student population. Tennessee Technical University and University of North Carolina Wilmington are located in economically challenged regions. Manhattan College has a student population that is 31% minority (20% Hispanic) and 33% first generation college students. In addition, this project proposes to increase participation of underrepresented groups in STEM by conducting workshops and participating in professional conferences, such as The Women in Cybersecurity Conference, Community College Cyber Summit, and Society of Hispanic Professional Engineers. Providing undergraduate and graduate students with training in the use of AI in malware analysis is an important step towards bridging the current cybersecurity talent gap. The project will develop six self-contained and adaptive modules in "AI-assisted Malware Analysis." Topics will include: (1) CTI and malware attack stages, (2) malware knowledge representation and CTI sharing, (3) malware data collection and feature identification, (4) AI-assisted malware detection, (5) malware classification and attribution, and (6) advanced malware research topics and case studies such as adversarial learning and Advanced Persistent Threat (APT) detection. The course modules will be evaluated and assessed to determine their impact on students. Workshops and tutorial sessions at conferences will be used to expand the project’s impact and provide students and enthusiasts with hands-on experience of aspects of AI-assisted malware analysis using real-world datasets. A two-day training workshop for external faculty will also be arranged to enable further dissemination of the modules. The suite of activities proposed in this project will train students, researchers, and professionals in AI-assisted malware analysis and prepare them to meet future cybersecurity challenges. This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

使用人工智能（AI）和机器学习（ML）来解决网络安全问题一直在行业和学术界的吸引力，部分是作为对关键系统（例如云基础架构，政府办公室或医院以及它们生成的大量数据）对关键系统的广泛恶意软件攻击的回应。 AI-和ML辅助网络安全提供了数据驱动的自动化，可以使安全系统能够实时识别和应对网络威胁。但是，目前，在AI和ML培训的网络安全方面，专业人员的专业人员短缺。该项目将通过开发实验室密集型模块来解决短缺，使本科生和研究生能够将AI和ML技术应用于现实世界数据集中，以了解网络威胁智能（CTI），恶意软件分析以及分类等其他重要主题，以及网络美食中的其他重要主题。拟议的项目每年将影响400多名学生，并有毒品中毒以为潜水员的学生群体提供机会。田纳西州技术大学和北卡罗来纳大学威尔明顿分校位于经济挑战的地区。曼哈顿学院的学生人数为31％（20％的西班牙裔）和33％的第一代大学生。此外，该项目的建议是通过举办研讨会和参加专业会议，例如网络安全会议，社区学院网络峰会和西班牙裔专业工程师社会，以增加代表性群体中代表性不足的STEM参与。向本科生和研究生提供在恶意软件分析中使用AI的培训，这是弥合当前网络安全人才差距的重要一步。该项目将在“ AI辅助恶意软件分析”中开发六个独立和自适应模块。主题将包括：（1）CTI和恶意软件攻击阶段，（2）恶意软件知识表示和CTI共享，（3）恶意软件数据收集和功能识别，（4）AI辅助恶意软件检测，（5）恶意软件分类和属性和属性，（6）高级恶意软件研究主题和高级恶意研究主题和诸如Exversarial学习和先进的persistent和Advanced Persistent Wistrection（An）（A）。将对课程模块进行评估和评估，以确定其对学生的影响。会议上的研讨会和教程会议将用于扩大项目的影响，并为学生和爱好者提供使用现实世界数据集的AI辅助恶意软件分析方面的实践经验。还将安排为外部教师进行的为期两天的培训研讨会，以进一步传播模块。该项目提出的一系列活动将在AI辅助恶意软件分析中培训学生，研究人员和专业人士，并准备应对未来的网络安全挑战。该项目得到了安全且值得信赖的网络空间（SATC）计划的支持，该计划资助了解决网络安全和隐私的建议，在这种情况下，特别是网络安全教育。 SATC计划与联邦网络安全研究与发展战略计划以及国家隐私研究战略保持一致，以保护和维护网络系统的不断增长的社会和经济利益，同时确保安全和隐私。该奖项反映了NSF的法定任务，并被认为是通过使用基金会的知识分子和更广泛影响的评估来审查Criteria来通过评估来通过评估来支持的。

项目成果

Knowledge Enrichment by Fusing Representations for Malware Threat Intelligence and Behavior

• DOI: 10.1109/isi49825.2020.9280512
• 发表时间: 2020-11
• 期刊: 2020 IEEE International Conference on Intelligence and Security Informatics (ISI)
• 作者: Aritran Piplai;Sudip Mittal;Mahmoud Abdelsalam;Maanak Gupta;A. Joshi;Tim Finin-

Recurrent Neural Networks Based Online Behavioural Malware Detection Techniques for Cloud Infrastructure

• DOI: 10.1109/access.2021.3077498
• 发表时间: 2021-01-01
• 期刊: IEEE ACCESS
• 影响因子: 3.9
• 作者: Kimmel, Jeffrey C.;Mcdole, Andrew D.;Sandhu, Ravi
• 通讯作者: Sandhu, Ravi

Ontology driven AI and Access Control Systems for Smart Fisheries

• DOI: 10.1145/3445969.3450429
• 发表时间: 2021-01-01
• 期刊: SAT-CPS'21: PROCEEDINGS OF THE 2021 ACM WORKSHOP ON SECURE AND TRUSTWORTHY CYBER-PHYSICAL SYSTEMS
• 作者: Chukkapalli, Sai Sree Laya;Aziz, Shaik Barakhat;Abdelsalam, Mahmoud
• 通讯作者: Abdelsalam, Mahmoud