Speaker "Nahid Farhady" Details

 

Topic

Malware Detection using Deep Neural Network

Abstract

Nowadays, signature-based malware detection is widely used in commercial anti-virus products. However, this method fails to detect zero-day types of malware. Therefore, anti-virus engines are now moving towards finding the shared features and similar behaviors of malware families in order to detect new ones as well. Machine learning techniques for this purpose have focused on static features for a while; however, to classify the malware, malware engineers need to go through an extensive process of dynamic analysis. In this research, we propose an end-to-end framework for malware detection and classification using machine learning techniques. In this framework, we use DNN models to distinguish malware from benign files and propose an uncertainty score for the classification part. Using the proposed DNN model and only 6 static features, we achieve an FNR of less than 1% with a TPR of over 96%. In the next step, we propose a classification model that divides the malware into cyber crime and cyber espionage and other subcategories. We also use the PCA (Principal Component Analysis) technique to prioritize the dynamic features to be explored for each subcategory. This method will accelerate the labeling step for malware engineers. Our research proposes the top 5 dynamic features to be analyzed for each type of malware.

Profile

Nahid Farhady Ghalaty is R&D Technology Associate Manager at Accenture Cyber Labs. She obtained her PhD at the Bradley Department of Electrical and Computer Engineering, Virginia Tech. Her research is mainly focused on physical cryptanalysis, predictive analysis in Industrial Control Systems, malware detection and adversarial attacks. She received her BS degree in software engineering from Shahid Chamran University of Ahvaz, and her MS degree in computer architecture from Sharif University of Technology. Her MS research was on reliability and fault-tolerant embedded system designs. She was the recipient of the best paper in session award at SRC TECHcon 2015. She was also the recipient of the best poster and presentation award in the Center for Embedded Systems for Critical Applications (CESCA) in 2014 and 2015. She is the author of several papers in international conferences including DATE, FDTC, HOST, COSADE, etc. She has also served as a reviewer for several conferences and journals including FDTC, DAC, CHES and DATE.