Functional cognitive models of malware identification
Loading...
Authors
Lebiere, Christian
Bennati, Stefano
Thomson, Robert
Shakarian, Paulo
Nunes, Eric
Issue Date
2015
Type
Conference presentations, papers, posters
Language
Keywords
malware identification , cognitive modeling , ACT-R , Bayesian modeling
Alternative Title
Abstract
An important source of constraints on unified theories of cognition is their ability to perform complex tasks that are challenging for humans. Malware reverse-engineering is an important type of analysis in the domain of cyber-security. Rapidly identifying the tasks that a piece of malware is designed to perform is an important part of reverse engineering that is manually performed in practice as it relies heavily on human intuition. We present an automated approach to malware task identification using two different approaches using ACT-R cognitive models. Against a real world malware dataset, these cognitive models significantly out-perform baseline approaches while demonstrating key cognitive characteristics such as the ability to generalize to new categories and to quickly adapt to a change of environment. Finally, we discuss the implications of our approach for applying cognitive models to complex tasks.
Description
Citation
Lebiere, Christian, Stefano Bennati, Robert Thomson, Paulo Shakarian, and Eric Nunes. "Functional cognitive models of malware identification." Proceedings of ICCM, ICCM (2015): 90-95.
Publisher
International Conference on Cognitive Modeling