Heng Yin, Professor, Computer Science & Engineering, hengy@ucr.edu, (951) 827-6437
CAREER: Binary and Virtualization Centric Malware Defense
AWARD NUMBER
008589-002
FUND NUMBER
33308
STATUS
Closed
AWARD TYPE
3-Grant
AWARD EXECUTION DATE
10/24/2016
BEGIN DATE
9/1/2016
END DATE
7/31/2017
AWARD AMOUNT
$168,859
Sponsor Information
SPONSOR AWARD NUMBER
SPONSOR
SPONSOR TYPE
FUNCTION
Organized Research
PROGRAM NAME
Proposal Information
PROPOSAL NUMBER
17030328
PROPOSAL TYPE
New
ACTIVITY TYPE
Basic Research
PI Information
PI
Yin, Heng
PI TITLE
Other
PI DEPARTMENT
Computer Science & Engineering
PI COLLEGE/SCHOOL
Bourns College of Engineering
CO PIs
Project Information
ABSTRACT
Malicious software (malware) has become a major threat to computer security and will continue to be a central theme for computer security research for decades. This project takes a binary and virtualization centric approach to effectively and efficiently defeat malware using both online and offline analysis. Offline malware analysis aims to extract knowledge about the inner workings for a newly discovered malware instance or software exploit, for the purpose of building up proper defense against similar attacks. Online malware defense aims to build efficient security mechanisms to effectively confine malicious behavior and collect enough evidence for subsequent security investigation. For offline malware analysis, a novel virtualization-based malware analysis platform is used, on top of which new type inference techniques are applied to malware decomposition and vulnerability diagnosis. For online malware defense, new techniques for module-level sandbox and execution replay using virtualization are cooperatively used to defeat malware. The results from this research will be disseminated through both peer-reviewed publications and software release. Based on this research, new course materials, modular hands-on projects, and professional training tutorials will be developed, to help future computer engineers and security researchers gain in-depth knowledge about malware defense. (Abstract from NSF)