Malware identification using cognitively-inspired inference

Authors

Thomson, Robert
Lebiere, Christian
Bennati, Stefano
Shakarian, Paulo
Nunes, Eric

Issue Date

2015

Type

Conference presentations, papers, posters

Keywords

malware identification, instance-based learning, cognitive modeling, cognitive architecture

Abstract

Malware reverse-engineering is an important type of analysis in cybersecurity. Rapidly identifying the tasks that a piece of malware is designed to perform is an important part of reverse engineering that is generally manually performed as it relies heavily on human intuition. This paper describes how the use of cognitively-inspired inference can assist in automating some of malware task identification. Computational models derived from human-inspired inference were able to reach relatively higher asymptotic performance faster than traditional machine learning approaches such as decision trees and naïve Bayes classifiers. Using a real-world malware dataset, these cognitive models identified sets of tasks with an unbiased F1 measure of 0.94. Even when trained on historical datasets of malware samples from different families, the cognitive models still maintained the precision of decision tree and Bayes classifiers while providing a significant improvement to recall.

Citation

Thomson, Robert, Christian Lebiere, Stefano Bennati, Paulo Shakarian, and Eric Nunes. "Malware identification using cognitively-inspired inference." Proceedings of Behavior Representation in Modeling and Simulation Annual Conference (2015).

Publisher

BRiMS Annual Conference
