CSIS Seminar

A Hierarchical Framework to Detect Targeted Attacks using Deep Neural Network

Abstract

Malware is a serious threat to corporations, individuals and nation’s state since the adversaries leverage it to get unauthorized access to secret and critical information. Now a days, malware detection at large scale is a critical problem since the number and variety of malwares is increasing. One approach to address this issue is using statistical analysis and machine learning. Malware detection services can be for organizations or individuals. Malware detection as a service for organization is a manual and cumbersome process to find the source of the malware, the family it belongs to and the target of the malicious code. In this paper, we propose a hierarchical framework that accelerates the detection and classification of malwares based on priorities of an organization. We also propose the first deep neural network that can differentiate between a targeted malware, i.e. cyber-espionage, and cyber-crimes. This model has been tested and verified using a balanced data-set of both type of files. The detection rate is 97% with the false negative rate of 2.8%.

Speaker Bio

Dr. Nahid Farhady Ghalaty has obtained her PhD from the Bradley department of Electrical and Computer Engineering, Virginia Tech in 2016. Her research interest is on embedded systems security, Fault Attacks and Side Channel Attacks, and Cryptography. She is now a cybersecurity R&D Associate Manager at Accenture Technology Labs where she has focused on several cyber security related projects such as malware detection and classification, predictive analytics and adversarial ML. She is also an adjunct faculty at the department of computer science at The George Washington University. Her research has been published in several peer reviewed conferences and journals such as DATE, FDTC, and IEEE ESL.