Collaborative Research: SaTC: EDU: Artificial Intelligence Assisted Malware Analysis

合作研究：SaTC：EDU：人工智能辅助恶意软件分析

• 批准号: 2133190
• 负责人: Sudip Mittal
• 金额: $ 10.58万
• 依托单位: Mississippi State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-06-15 至 2023-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2133190&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; EDU; Artificial

The use of Artificial Intelligence (AI) and Machine Learning (ML) to solve cybersecurity problems has been gaining traction within industry and academia, in part as a response to widespread malware attacks on critical systems, such as cloud infrastructures, government offices or hospitals, and the vast amounts of data they generate. AI- and ML-assisted cybersecurity offers data-driven automation that could enable security systems to identify and respond to cyber threats in real time. However, there is currently a shortfall of professionals trained in AI and ML for cybersecurity. This project will address the shortfall by developing lab-intensive modules that enable undergraduate and graduate students to gain fundamental and advanced knowledge in applying AI and ML techniques to real-world datasets to learn about Cyber Threat Intelligence (CTI), malware analysis, and classification, among other important topics in cybersecurity. The proposed project will impact more than 400 students annually and is uniquely poised to provide opportunities to a diverse student population. Tennessee Technical University and University of North Carolina Wilmington are located in economically challenged regions. Manhattan College has a student population that is 31% minority (20% Hispanic) and 33% first generation college students. In addition, this project proposes to increase participation of underrepresented groups in STEM by conducting workshops and participating in professional conferences, such as The Women in Cybersecurity Conference, Community College Cyber Summit, and Society of Hispanic Professional Engineers. Providing undergraduate and graduate students with training in the use of AI in malware analysis is an important step towards bridging the current cybersecurity talent gap. The project will develop six self-contained and adaptive modules in "AI-assisted Malware Analysis." Topics will include: (1) CTI and malware attack stages, (2) malware knowledge representation and CTI sharing, (3) malware data collection and feature identification, (4) AI-assisted malware detection, (5) malware classification and attribution, and (6) advanced malware research topics and case studies such as adversarial learning and Advanced Persistent Threat (APT) detection. The course modules will be evaluated and assessed to determine their impact on students. Workshops and tutorial sessions at conferences will be used to expand the project’s impact and provide students and enthusiasts with hands-on experience of aspects of AI-assisted malware analysis using real-world datasets. A two-day training workshop for external faculty will also be arranged to enable further dissemination of the modules. The suite of activities proposed in this project will train students, researchers, and professionals in AI-assisted malware analysis and prepare them to meet future cybersecurity challenges. This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

使用人工智能（AI）和机器学习（ML）来解决网络安全问题已经在工业界和学术界获得了越来越多的关注，部分原因是为了应对对关键系统（如云基础设施，政府办公室或医院）以及它们生成的大量数据的广泛恶意软件攻击。人工智能和ML辅助的网络安全提供了数据驱动的自动化，可以使安全系统能够真实的识别和响应网络威胁。然而，目前缺乏接受过AI和ML网络安全培训的专业人员。该项目将通过开发实验室密集型模块来解决这一不足，使本科生和研究生能够获得将AI和ML技术应用于现实世界数据集的基础和高级知识，以了解网络威胁情报（CTI），恶意软件分析和分类，以及网络安全中的其他重要主题。拟议的项目将影响每年超过400名学生，是独特的准备提供机会，以多样化的学生群体。 田纳西技术大学和北卡罗来纳州威尔明顿大学位于经济困难的地区。 曼哈顿学院的学生人口中有31%是少数民族（20%是西班牙裔），33%是第一代大学生。此外，该项目还建议通过举办研讨会和参加专业会议，如网络安全中的妇女会议、社区学院网络峰会和西班牙裔专业工程师协会，增加STEM中代表性不足的群体的参与。 为本科生和研究生提供在恶意软件分析中使用人工智能的培训是弥合当前网络安全人才缺口的重要一步。该项目将在“人工智能辅助恶意软件分析”中开发六个独立和自适应的模块。“主题包括：（1）CTI和恶意软件攻击阶段，（2）恶意软件知识表示和CTI共享，（3）恶意软件数据收集和特征识别，（4）人工智能辅助的恶意软件检测，（5）恶意软件分类和归因，以及（6）高级恶意软件研究主题和案例研究，如对抗学习和高级持续威胁（APT）检测。将对课程模块进行评估和评估，以确定其对学生的影响。会议期间的研讨会和辅导课程将用于扩大项目的影响，并为学生和爱好者提供使用真实世界数据集进行AI辅助恶意软件分析的实践经验。此外，亦会为校外教职员安排为期两天的培训工作坊，以便进一步推广这些单元。该项目中提出的一系列活动将培训学生、研究人员和专业人员进行人工智能辅助恶意软件分析，并使他们做好应对未来网络安全挑战的准备。该项目得到了安全和值得信赖的网络空间（SaTC）计划的支持，该计划为解决网络安全和隐私问题的提案提供资金，在这种情况下，特别是网络安全教育。SATC计划与联邦网络安全研究和发展战略计划和国家隐私研究战略保持一致，以保护和维护网络系统日益增长的社会和经济效益，同时确保安全和隐私。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Using Knowledge Graphs and Reinforcement Learning for Malware Analysis

• DOI: 10.1109/bigdata50022.2020.9378491
• 发表时间: 2020-12
• 期刊: 2020 IEEE International Conference on Big Data (Big Data)
• 作者: Aritran Piplai;P. Ranade;Anantaa Kotal;Sudip Mittal;S. Narayanan;A. Joshi

Semantically Rich Framework to Automate Cyber Insurance Services

用于自动化网络保险服务的语义丰富的框架

• DOI: 10.1109/tsc.2021.3113272
• 发表时间: 2021
• 期刊: IEEE Transactions on Services Computing
• 影响因子: 8.1
• 作者: Sane, Ketki;Joshi, Karuna Pande;Mittal, Sudip
• 通讯作者: Mittal, Sudip

Creating Cybersecurity Knowledge Graphs From Malware After Action Reports

• DOI: 10.1109/access.2020.3039234
• 发表时间: 2020-10
• 期刊: IEEE Access
• 影响因子: 3.9
• 作者: Aritran Piplai;Sudip Mittal;A. Joshi;Tim Finin-;James Holt;Richard Zak

Cybersecurity Threat Intelligence Augmentation and Embedding Improvement - A Healthcare Usecase

• DOI: 10.1109/isi49825.2020.9280482
• 发表时间: 2020-11
• 期刊: 2020 IEEE International Conference on Intelligence and Security Informatics (ISI)
• 作者: Matthew Sills;P. Ranade;Sudip Mittal

Knowledge Enrichment by Fusing Representations for Malware Threat Intelligence and Behavior

• DOI: 10.1109/isi49825.2020.9280512
• 发表时间: 2020-11
• 期刊: 2020 IEEE International Conference on Intelligence and Security Informatics (ISI)
• 作者: Aritran Piplai;Sudip Mittal;Mahmoud Abdelsalam;Maanak Gupta;A. Joshi;Tim Finin-