Intelligent Malware Detection System

Group Members: Alex Finkelstein, Kevin Hao, Josh Suess, Dom Amos, Mike Hite
Advisor: Dr. Yanfang Ye

DATA MINING

We will implement data mining techniques to grow our database of malicious behavioral signatures. By doing so we will improve the accuracy of our detection system. We will first map each Windows API call to an integer value. Our program will then take in a directory of malicious files and extract the API calls from each file. An integer vector will then be generated from the API calls made in each file and uploaded to the database. Each of these vectors will serve as the behavioral signature for its file, and after completion of this process our database will be populated with vectors of malicious behavior. When the user uploads a file, the system will generate the behavioral signature for the file and compare it with the malicious vectors in the database. If the file has never been seen before, it will be uploaded to the database after a determination of its safety.

FEATURES

What can our software do for you?

- Scan user-uploaded files for malicious content.
- Scan the user's entire computer system for malicious content.
- Real-time protection as a background process.

THE FUTURE OF MALWARE DETECTION

With the growing number and intelligence of malicious attacks on computer systems, there is a need for intelligent detection capable of recognizing and responding to threats. The focus of our project is to create a system with the ability to dynamically identify malicious files through their behavioral signatures. Our system will implement data mining and big data analytics coupled with advanced detection algorithms to move away from the classic static signature detection approach towards a more robust and accurate method of malware detection.

CLASSIFICATION

The comparison that our system does between user-uploaded files and the database relies on a classification algorithm. This algorithm measures the "distance" between file attributes and determines if the classification of one is the same as the other. We will implement one of five different classification techniques in our system:

- K-nearest neighbor
- Decision tree
- Naïve Bayes and Bayesian Network
- Support vector machine
- Neural network

GROWTH OF MALWARE

Kaspersky reports that around the world 200,000 new malware samples are discovered every day. An average of $345,000 is lost or stolen per incident of stolen accounts and passwords. In 2014, malware will cost enterprises an estimated $500 billion, and consumers an estimated $25 billion. Approximately 1.2 billion man hours will be wasted dealing with the effects of malware [1].

BACKGROUND

The architects of newer malware embed avoidance techniques in their malware to allow it to evade detection by antivirus and other detection systems:

- Encryption
- Packing
- Obfuscation
- Polymorphism
- Metamorphism

Traditional signature-based detection is becoming obsolete and ineffective against this new malware. There is an obvious need for a smarter detection system that does not depend on static signatures.

Bayes Rule:
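The pipeline described under DATA MINING and CLASSIFICATION (API calls mapped to integers, one integer vector per file, a distance-based comparison against the database) can be sketched as follows. This is an added example, not the project's code: the sample files, the choice of Jaccard distance, k = 3, and the inclusion of labelled benign samples (which k-nearest neighbor needs alongside the malicious ones) are all assumptions.

```python
from collections import Counter

# Constructed sample data: API names as they might appear in each file's
# import table. The files and their labels are invented for illustration.
TRAINING = [
    (["CreateRemoteThread", "WriteProcessMemory", "VirtualAllocEx", "OpenProcess"], "malicious"),
    (["OpenProcess", "WriteProcessMemory", "VirtualAllocEx", "RegSetValueExA"], "malicious"),
    (["RegSetValueExA", "URLDownloadToFileA", "WinExec", "CreateRemoteThread"], "malicious"),
    (["CreateFileW", "ReadFile", "CloseHandle", "GetOpenFileNameW"], "benign"),
    (["CreateFileW", "WriteFile", "CloseHandle", "MessageBoxW"], "benign"),
    (["ReadFile", "CloseHandle", "MessageBoxW", "GetOpenFileNameW"], "benign"),
]

class ApiIndex:
    """Maps each distinct API name to a stable integer ID on first sight."""
    def __init__(self):
        self.ids = {}

    def encode(self, api_calls):
        # Signature = sorted, de-duplicated integer IDs; unseen APIs get new IDs.
        return sorted({self.ids.setdefault(name, len(self.ids)) for name in api_calls})

def jaccard_distance(a, b):
    """0.0 for identical API sets, 1.0 for sets with nothing in common."""
    a, b = set(a), set(b)
    union = a | b
    return 1.0 - len(a & b) / len(union) if union else 0.0

def classify(signature, database, k=3):
    """Majority label among the k stored signatures closest to this one."""
    nearest = sorted(database, key=lambda row: jaccard_distance(signature, row[0]))[:k]
    return Counter(label for _, label in nearest).most_common(1)[0][0]

INDEX = ApiIndex()
DATABASE = [(INDEX.encode(calls), label) for calls, label in TRAINING]

def scan(api_calls, k=3):
    """Encode an uploaded file's API calls and classify against the database."""
    return classify(INDEX.encode(api_calls), DATABASE, k)

if __name__ == "__main__":
    print(scan(["OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateFileW"]))
    print(scan(["CreateFileW", "ReadFile", "CloseHandle"]))
```

An odd k avoids tied votes when there are only two classes.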

