Office of Research, UC Riverside
Heng Yin
Associate Professor
Computer Science & Engineering
hengy@ucr.edu
(951) 827-6437


CAREER: Binary and Virtualization Centric Malware Defense

AWARD NUMBER
008589-002
FUND NUMBER
33308
STATUS
Active
AWARD TYPE
3-Grant
AWARD EXECUTION DATE
10/24/2016
BEGIN DATE
9/1/2016
END DATE
7/31/2017
AWARD AMOUNT
$168,859

Sponsor Information

SPONSOR AWARD NUMBER
1664315
SPONSOR
NATIONAL SCIENCE FOUNDATION
SPONSOR TYPE
Federal
FUNCTION
Organized Research
PROGRAM NAME

Proposal Information

PROPOSAL NUMBER
17030328
PROPOSAL TYPE
New
ACTIVITY TYPE
Basic Research

PI Information

PI
Yin, Heng
PI TITLE
Other
PI DEPTARTMENT
Computer Science & Engineering
PI COLLEGE/SCHOOL
Bourns College of Engineering
CO PIs

Project Information

ABSTRACT

Malicious software (malware) has become a major threat to computer security and will continue to be a central theme for computer security research for decades. This project takes a binary and virtualization centric approach to effectively and efficiently defeat malware using both online and offline analysis. Offline malware analysis aims to extract knowledge about the inner-workings for a newly discovered malware instance or software exploit, for the purpose of building up proper defense against similar attacks. Online malware defense aims to build efficient security mechanisms to effectively confine malicious behavior and collect enough evidence for subsequent security investigation.

For offline malware analysis, a novel virtualization-based malware analysis platform is used, on top of which new type inference techniques are applied to malware decomposition and vulnerability diagnosis. For online malware defense, new techniques for module-level sandbox and execution replay using virtualization are cooperatively used to defeat malware.

The results from this research will be disseminated through both peer-reviewed publications and software release. Based on this research, new course materials, modular hands-on projects, and professional training tutorials will be developed, to help future computer engineers and security researchers gain in-depth knowledge about malware defense.
(Abstract from NSF)