Malware identification using cognitively-inspired inference

Robert Thomson, Christian Lebiere, Stefano Bennati, Paulo Shakarian, Eric Nunes

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution

1 Scopus citation

Abstract

Malware reverse-engineering is an important type of analysis in cybersecurity. Rapidly identifying the tasks that a piece of malware is designed to perform is an important part of reverse engineering that is generally manually performed as it relies heavily on human intuition. This paper describes how the use of cognitively-inspired inference can assist in automating some of malware task identification. Computational models derived from human-inspired inference were able to reach relatively higher asymptotic performance faster than traditional machine learning approaches such as decision trees and naïve Bayes classifiers. Using a real-world malware dataset, these cognitive models identified sets of tasks with an unbiased F1 measure of 0.94. Even when trained on historical datasets of malware samples from different families, the cognitive models still maintained the precision of decision tree and Bayes classifiers while providing a significant improvement to recall.

Original language: English (US)
Title of host publication: 24th Conference on Behavior Representation in Modeling and Simulation, BRiMS 2015, co-located with the International Social Computing, Behavioral Modeling and Prediction Conference, SBP 2015
Publisher: The BRIMS Society
Pages: 18-25
Number of pages: 8
State: Published - 2015
Event: 24th Conference on Behavior Representation in Modeling and Simulation, BRiMS 2015, co-located with the International Social Computing, Behavioral Modeling and Prediction Conference, SBP 2015 - Washington, United States
Duration: Mar 31 2015 to Apr 3 2015

Other

Other: 24th Conference on Behavior Representation in Modeling and Simulation, BRiMS 2015, co-located with the International Social Computing, Behavioral Modeling and Prediction Conference, SBP 2015
Country/Territory: United States
City: Washington
Period: 3/31/15 to 4/3/15

Keywords

  • Cognitive Architectures
  • Functional Modeling
  • Inference
  • Instance-Based Learning
  • Malware Analysis

ASJC Scopus subject areas

  • Modeling and Simulation
