Collaborative Research: SaTC: EDU: Artificial Intelligence Assisted Malware Analysis

合作研究：SaTC：EDU：人工智能辅助恶意软件分析

• 批准号: 2025686
• 负责人: Mahmoud Abdelsalam
• 金额: $ 11.39万
• 依托单位: Manhattan College
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-08-01 至 2021-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2025686&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; EDU; Artificial

The use of Artificial Intelligence (AI) and Machine Learning (ML) to solve cybersecurity problems has been gaining traction within industry and academia, in part as a response to widespread malware attacks on critical systems, such as cloud infrastructures, government offices or hospitals, and the vast amounts of data they generate. AI- and ML-assisted cybersecurity offers data-driven automation that could enable security systems to identify and respond to cyber threats in real time. However, there is currently a shortfall of professionals trained in AI and ML for cybersecurity. This project will address the shortfall by developing lab-intensive modules that enable undergraduate and graduate students to gain fundamental and advanced knowledge in applying AI and ML techniques to real-world datasets to learn about Cyber Threat Intelligence (CTI), malware analysis, and classification, among other important topics in cybersecurity. The proposed project will impact more than 400 students annually and is uniquely poised to provide opportunities to a diverse student population. Tennessee Technical University and University of North Carolina Wilmington are located in economically challenged regions. Manhattan College has a student population that is 31% minority (20% Hispanic) and 33% first generation college students. In addition, this project proposes to increase participation of underrepresented groups in STEM by conducting workshops and participating in professional conferences, such as The Women in Cybersecurity Conference, Community College Cyber Summit, and Society of Hispanic Professional Engineers. Providing undergraduate and graduate students with training in the use of AI in malware analysis is an important step towards bridging the current cybersecurity talent gap. The project will develop six self-contained and adaptive modules in "AI-assisted Malware Analysis." Topics will include: (1) CTI and malware attack stages, (2) malware knowledge representation and CTI sharing, (3) malware data collection and feature identification, (4) AI-assisted malware detection, (5) malware classification and attribution, and (6) advanced malware research topics and case studies such as adversarial learning and Advanced Persistent Threat (APT) detection. The course modules will be evaluated and assessed to determine their impact on students. Workshops and tutorial sessions at conferences will be used to expand the project’s impact and provide students and enthusiasts with hands-on experience of aspects of AI-assisted malware analysis using real-world datasets. A two-day training workshop for external faculty will also be arranged to enable further dissemination of the modules. The suite of activities proposed in this project will train students, researchers, and professionals in AI-assisted malware analysis and prepare them to meet future cybersecurity challenges. This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

使用人工智能 (AI) 和机器学习 (ML) 来解决网络安全问题在行业和学术界越来越受到关注，部分原因是为了应对针对云基础设施、政府办公室或医院等关键系统的广泛恶意软件攻击，它们生成的大量数据提供了数据驱动的自动化，可以使安全系统实时识别和响应网络威胁。但是，目前缺乏接受过人工智能和机器学习培训的专业人员。该项目将解决网络安全的机器学习问题。实验室密集型模块的不足，使本科生和研究生能够获得将人工智能和机器学习技术应用于现实世界数据集的基础和高级知识，以了解网络威胁情报 (CTI)、恶意软件分析和分类等拟议的项目每年将影响 400 多名学生，并为位于经济困难地区的多样化学生群体提供独特的机会。即 31%少数族裔（20% 西班牙裔）和 33% 第一代大学生此外，该项目建议通过举办研讨会和参加专业会议（例如网络安全女性会议、社区大学网络会议）来增加代表性不足的群体对 STEM 的参与。峰会和西班牙裔专业工程师协会。为本科生和研究生提供在恶意软件分析中使用人工智能的培训，是弥合当前网络安全人才缺口的重要一步。该项目将开发“人工智能”中的六个独立且自适应的模块。 -辅助的恶意软件分析。”主题将包括：(1) CTI 和恶意软件攻击阶段，(2) 恶意软件知识表示和 CTI 共享，(3) 恶意软件数据收集和特征识别，(4) 人工智能辅助恶意软件检测，(5) 恶意软件分类和归因，以及（6）高级恶意软件研究主题和案例研究，例如对抗性学习和高级持续威胁（APT）检测。将对课程模块进行评估和评估，以确定它们对学生的影响。习惯于扩大该项目的影响力，并为学生和爱好者提供使用真实数据集进行人工智能辅助恶意软件分析的实践经验，还将为外部教师安排为期两天的培训研讨会，以进一步传播这些模块套件。该项目提出的一系列活动将培训学生、研究人员和专业人员进行人工智能辅助恶意软件分析，并为他们应对未来的网络安全挑战做好准备。该项目得到安全可信网络空间 (SaTC) 计划的支持，该计划为解决网络安全的提案提供资金。和隐私，在这种情况下特别是SaTC 计划与联邦网络安全研究与发展战略计划和国家隐私研究战略相一致，旨在保护和维护网络系统不断增长的社会和经济效益，同时确保安全和隐私。该奖项反映了 NSF 的法定使命，并得到了国家科学基金会的认可。通过使用基金会的智力优点和更广泛的影响审查标准进行评估，认为值得支持。

项目成果

Ontology driven AI and Access Control Systems for Smart Fisheries

本体驱动的智能渔业人工智能和访问控制系统

• DOI: 10.1145/3445969.3450429
• 发表时间: 2021-04
• 期刊: 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems
• 作者: Chukkapalli, Sai Sree;Aziz, Shaik Barakhat;Alotaibi, Nouran;Mittal, Sudip;Gupta, Maanak;Abdelsalam, Mahmoud
• 通讯作者: Abdelsalam, Mahmoud

Recurrent Neural Networks Based Online Behavioural Malware Detection Techniques for Cloud Infrastructure

基于循环神经网络的云基础设施在线行为恶意软件检测技术

• DOI: 10.1109/access.2021.3077498
• 发表时间: 2024-09-13
• 期刊: IEEE Access
• 影响因子: 3.9
• 作者: Jeffrey C. Kimmel;Andrew McDole;Mahmoud Abdelsalam;Maanak Gupta;R. S;hu;hu
• 通讯作者: hu

Knowledge Enrichment by Fusing Representations for Malware Threat Intelligence and Behavior

通过融合恶意软件威胁情报和行为的表示来丰富知识

• DOI: 10.1109/isi49825.2020.9280512
• 发表时间: 2020-11
• 期刊: 2020 IEEE International Conference on Intelligence and Security Informatics (ISI
• 作者: Piplai, Aritran;Mittal, Sudip;Abdelsalam, Mahmoud;Gupta, Maanak;Joshi, Anupam;Finin, Tim
• 通讯作者: Finin, Tim