Date: Friday, April 25, 2014,
Location: Maxwell-Dworkin G115, 33 Oxford Street, Cambridge, MA 02138
Speaker: Spiros Mancoridis, Professor of Computer Science & Sr. Assoc. Dean of
Computing, Drexel University
Time: Informal lunch with speaker, 12:30pm. Talk, 1:00pm
Title: Host-based Online Behavioral Malware Detection and Classification
gCal<https://www.google.com/calendar/render?cid=http://www.seas.harvard.…
iCal<UrlBlockedError.aspx>
Abstract:
The complex computing systems employed by governments, corporations, and other
institutions are frequently targeted by cyber-attacks designed for espionage and sabotage.
The malicious software used in such attacks are typically custom-designed or obfuscated to
avoid detection by traditional antivirus software. Our goal is to create a malware
detection and classification system that can quickly and accurately detect and classify
such malware. We pose the problem of malware detection as a multi-channel change-point
detection problem, wherein the goal is to identify the point in time when a system changes
from a known clean state to an infected state.
In this talk, I will present a host-based malware detection system designed to run at the
hypervisor level, monitoring hypervisor and guest operating system sensors and
sequentially determining whether the host is infected. I will also describe an automatic
classification system that can be trained to accurately identify new variants within known
malware families, using observed similarities in behavioral features extracted from
sensors monitoring live computers hosts. A case study wherein the detection system is used
to detect various types of malware on an active web server under heavy computational load
will be presented.
Speaker bio:
Spiros Mancoridis is a Professor of Computer Science at Drexel University and the Senior
Associate Dean of Computing in the College of Computing and Informatics. Professor
Mancoridis’ expertise includes malware detection and classification, autonomic computing,
software design and architecture, reverse engineering, software security, genetic
algorithms, and software engineering education. He is the recipient of the National
Science Foundation’s 1998 CAREER Award and a senior member of the IEEE and ACM. Professor
Mancoridis has authored or co-authored more than 80 refereed technical publications. In
2008 Professor Mancoridis was recognized with an Outstanding Researcher Award from the
College of Engineering at Drexel University.
Please visit
http://iacs.seas.harvard.edu/events to subscribe to our Google calendar,
manage your subscription to this mailing list, or access video and audio recordings of
previous seminars.
_______________________________________________
Iacs-events mailing list
Iacs-events(a)seas.harvard.edu
https://lists.seas.harvard.edu/mailman/listinfo/iacs-events