Rethinking Malware Detection: Accuracy, Efficiency, and Scalability through Human-Machine Collaboration
Wednesday, February 17, 2016, 4:00-5:00 pm
Abstract

A nation or a terrorist organization can cause catastrophic events or steal secrets by inserting just a few lines of malicious code in mission-critical software. Detecting such malware can be like searching for a needle in a haystack without knowing what the needle looks like. Detecting malware in large software is a problem too big for humans to solve alone and too complex for machines to do accurately. With examples of Android malware, we will illustrate the problem by identifying sources of complexity, and then expose the hardness spectrum for different sources.

Detecting sophisticated malware requires exploring software to identify hot spots, gathering evidence to conceive plausible malware hypotheses, and analyzing software to prove or refute each hypothesis. The challenge is to design a human-machine collaboration system to conduct these activities with accuracy, efficiency, and scalability for analyzing large software. We will present the Atlas Platform and the Android Security Toolbox. The Atlas Platform significantly reduces the effort required to create automated software engineering tools, and to build human-machine collaboration systems for solving complex software problems. The Android Security Toolbox, built on the Atlas Platform, is designed to detect simplistic malware automatically, and sophisticated malware with human-machine collaboration. The Atlas Platform’s powerful software search and visualization engines are also useful for program comprehension – a rapidly growing use among students. First released in 2013, academic licenses of Atlas have been issued to students from 174 institutions in 26 countries.

Bio

Suraj C. Kothari (Suresh) is the Richardson Chair Professor of Electrical and Computer Engineering (ECE) at Iowa State University (ISU). Over the past two decades, he has made pioneering contributions to developing human-in-loop automated software analysis and transformation techniques and tools to address the complex problems of software productivity, safety, and security. With innovative visual mathematical models of software, this automation technology provides unprecedented capability to manage the complexity of large software using graph theory and software visualization. It enables novel human-machine collaboration to solve difficult software analysis, verification, and transformation problems where complete automation has remained an elusive target, riddled with difficulties of low accuracy and high computational complexity.

In the last three years, as a sole PI, he has received $9.5 million in research funding for developing human-in-loop automation for cybersecurity problems. His research is published in top-tier IEEE conferences, and he has been an invited speaker at major IEEE conferences, leading companies, and federal research labs. His tutorials at IEEE and DoD conferences are highly appreciated, especially by software practitioners in industry (blog by a Microsoft manager: http://port25.technet.com/archive/2006/11/16/learning-to-read.aspx). In 2007 he received the First Prize, $25,000, in the John Pappajohn Iowa Business Plan Competition. EnSoft, the company he founded, received in 2008 the Prometheus Award for Innovator Company of the Year.

Dr. Kothari founded EnSoft (http://www.ensoftcorp.com/) in 2002. At present, 308 companies in 27 countries and 19 academic institutions (8 for the EcoCar Challenge http://ecocar3.org/vthevt/team-sponsors/) use EnSoft’s SimDiff product for developing model-based control systems software, and 174 institutions in 26 countries have academic licenses of EnSoft’s Atlas platform to build human-in-loop application-specific tools for multiple programming languages.

This talk is organized by Rance Cleaveland