Collaborative Research: SaTC: EDU: Artificial Intelligence Assisted Malware Analysis

合作研究：SaTC：EDU：人工智能辅助恶意软件分析

• 批准号: 2025682
• 负责人: Maanak Gupta
• 金额: $ 18.03万
• 依托单位: Tennessee Technological University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-08-01 至 2024-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2025682&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; EDU; Artificial

The use of Artificial Intelligence (AI) and Machine Learning (ML) to solve cybersecurity problems has been gaining traction within industry and academia, in part as a response to widespread malware attacks on critical systems, such as cloud infrastructures, government offices or hospitals, and the vast amounts of data they generate. AI- and ML-assisted cybersecurity offers data-driven automation that could enable security systems to identify and respond to cyber threats in real time. However, there is currently a shortfall of professionals trained in AI and ML for cybersecurity. This project will address the shortfall by developing lab-intensive modules that enable undergraduate and graduate students to gain fundamental and advanced knowledge in applying AI and ML techniques to real-world datasets to learn about Cyber Threat Intelligence (CTI), malware analysis, and classification, among other important topics in cybersecurity. The proposed project will impact more than 400 students annually and is uniquely poised to provide opportunities to a diverse student population. Tennessee Technical University and University of North Carolina Wilmington are located in economically challenged regions. Manhattan College has a student population that is 31% minority (20% Hispanic) and 33% first generation college students. In addition, this project proposes to increase participation of underrepresented groups in STEM by conducting workshops and participating in professional conferences, such as The Women in Cybersecurity Conference, Community College Cyber Summit, and Society of Hispanic Professional Engineers. Providing undergraduate and graduate students with training in the use of AI in malware analysis is an important step towards bridging the current cybersecurity talent gap. The project will develop six self-contained and adaptive modules in "AI-assisted Malware Analysis." Topics will include: (1) CTI and malware attack stages, (2) malware knowledge representation and CTI sharing, (3) malware data collection and feature identification, (4) AI-assisted malware detection, (5) malware classification and attribution, and (6) advanced malware research topics and case studies such as adversarial learning and Advanced Persistent Threat (APT) detection. The course modules will be evaluated and assessed to determine their impact on students. Workshops and tutorial sessions at conferences will be used to expand the project’s impact and provide students and enthusiasts with hands-on experience of aspects of AI-assisted malware analysis using real-world datasets. A two-day training workshop for external faculty will also be arranged to enable further dissemination of the modules. The suite of activities proposed in this project will train students, researchers, and professionals in AI-assisted malware analysis and prepare them to meet future cybersecurity challenges. This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

使用人工智能(AI)和机器学习(ML)来解决网络安全问题在工业界和学术界得到了越来越多的支持，部分原因是为了应对对关键系统(如云基础设施、政府办公室或医院)及其生成的海量数据的广泛恶意软件攻击。人工智能和ML辅助的网络安全提供数据驱动的自动化，使安全系统能够实时识别和响应网络威胁。然而，目前缺乏接受过网络安全方面的人工智能和ML培训的专业人员。该项目将通过开发实验室密集型模块来解决这一不足，使本科生和研究生能够获得将AI和ML技术应用于真实世界数据集的基础和高级知识，以了解网络威胁情报(CTI)、恶意软件分析和分类等网络安全中的其他重要主题。拟议中的项目每年将影响400多名学生，并独特地为不同的学生群体提供机会。田纳西技术大学和北卡罗来纳大学威尔明顿分校位于经济困难地区。曼哈顿学院的学生中有31%是少数族裔(20%是西班牙裔)，33%是第一代大学生。此外，该项目建议通过举办讲习班和参加专业会议，如妇女参与网络安全会议、社区大学网络峰会和西班牙裔专业工程师协会，增加代表不足群体在STEM中的参与。为本科生和研究生提供在恶意软件分析中使用人工智能的培训，是弥合目前网络安全人才差距的重要一步。该项目将开发六个自成一体的自适应模块，以实现“人工智能辅助恶意软件分析”。主题将包括：(1)CTI和恶意软件攻击阶段，(2)恶意软件知识表示和CTI共享，(3)恶意软件数据收集和特征识别，(4)人工智能辅助恶意软件检测，(5)恶意软件分类和归属，以及(6)高级恶意软件研究主题和案例研究，如对抗学习和高级持久威胁(APT)检测。将对课程模块进行评估，以确定它们对学生的影响。研讨会和会议上的教程将被用来扩大该项目的影响，并为学生和爱好者提供使用真实世界数据集的人工智能辅助恶意软件分析方面的实践经验。还将为外部教员安排一个为期两天的培训讲习班，以便进一步传播这些单元。该项目中提出的一系列活动将培训学生、研究人员和专业人员进行人工智能辅助恶意软件分析，并为他们应对未来的网络安全挑战做好准备。这个项目得到了安全和值得信赖的网络空间(SATC)计划的支持，该计划为解决网络安全和隐私问题的提案提供资金，在这种情况下，特别是网络安全教育。SATC计划与联邦网络安全研究和发展战略计划和国家隐私研究战略保持一致，以保护和维护网络系统日益增长的社会和经济效益，同时确保安全和隐私。该奖项反映了NSF的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Reachability Analysis for Attributes in ABAC With Group Hierarchy

• DOI: 10.1109/tdsc.2022.3145358
• 发表时间: 2021-01
• 期刊: IEEE Transactions on Dependable and Secure Computing
• 影响因子: 7.3
• 作者: Maanak Gupta;R. Sandhu

Analyzing and Explaining Black-Box Models for Online Malware Detection

• DOI: 10.1109/access.2023.3255176
• 发表时间: 2023
• 期刊: IEEE Access
• 影响因子: 3.9
• 作者: Harikha Manthena;Jeffrey Kimmell;Mahmoud Abdelsalam;Maanak Gupta

A Systematic Survey of Multi-Factor Authentication for Cloud Infrastructure

• DOI: 10.3390/fi15040146
• 发表时间: 2023-04
• 期刊: Future Internet
• 影响因子: 3.4
• 作者: Soumya Prakash Otta;S. Panda;Maanak Gupta;C. Hota

Knowledge Enrichment by Fusing Representations for Malware Threat Intelligence and Behavior

• DOI: 10.1109/isi49825.2020.9280512
• 发表时间: 2020-11
• 期刊: 2020 IEEE International Conference on Intelligence and Security Informatics (ISI)
• 作者: Aritran Piplai;Sudip Mittal;Mahmoud Abdelsalam;Maanak Gupta;A. Joshi;Tim Finin-

Edge Centric Secure Data Sharing with Digital Twins in Smart Ecosystems

智能生态系统中以边缘为中心的数字孪生安全数据共享

• DOI: 10.1109/tpsisa52974.2021.00008
• 发表时间: 2021
• 期刊: Privacy and Security in Intelligent Systems and Applications (TPS-ISA
• 作者: Cathey, Glen;Benson, James;Gupta, Maanak;Sandhu, Ravi
• 通讯作者: Sandhu, Ravi