Evolutionary Computation for Improving Malware Analysis

Kevin Leach; Ryan Dougherty; Chad Spensky; Stephanie Forrest; Westley Weimer

doi:10.1109/GI.2019.00013

Evolutionary Computation for Improving Malware Analysis

Kevin Leach, Ryan Dougherty, Chad Spensky, Stephanie Forrest, Westley Weimer

Biocomputing, Security and Society, Center for (BSS)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

Research in genetic improvement (GI) conventionally focuses on the improvement of software, including the automated repair of bugs and vulnerabilities as well as the refinement of software to increase performance. Eliminating or reducing vulnerabilities using GI has improved the security of benign software, but the growing volume and complexity of malicious software necessitates better analysis techniques that may benefit from a GI-based approach. Rather than focus on the use of GI to improve individual software artifacts, we believe GI can be applied to the tools used to analyze malicious code for its behavior. First, malware analysis is critical to understanding the damage caused by an attacker, which GI-based bug repair does not currently address. Second, modern malware samples leverage complex vectors for infection that cannot currently be addressed by GI. In this paper, we discuss an application of genetic improvement to the realm of automated malware analysis through the use of variable-strength covering arrays.

Original language	English (US)
Title of host publication	Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	18-19
Number of pages	2
ISBN (Electronic)	9781728122687
DOIs	https://doi.org/10.1109/GI.2019.00013
State	Published - May 2019
Event	6th IEEE/ACM International Workshop on Genetic Improvement, GI 2019 - Montreal, Canada Duration: May 28 2019 → …

Publication series

Name	Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019

Conference

Conference	6th IEEE/ACM International Workshop on Genetic Improvement, GI 2019
Country/Territory	Canada
City	Montreal
Period	5/28/19 → …

Keywords

evolutionary computation
genetic improvement
malware

ASJC Scopus subject areas

Software
Safety, Risk, Reliability and Quality

Access to Document

10.1109/GI.2019.00013

Cite this

Leach, K., Dougherty, R., Spensky, C., Forrest, S., & Weimer, W. (2019). Evolutionary Computation for Improving Malware Analysis. In Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019 (pp. 18-19). Article 8823611 (Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/GI.2019.00013

Evolutionary Computation for Improving Malware Analysis. / Leach, Kevin; Dougherty, Ryan; Spensky, Chad et al.
Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019. Institute of Electrical and Electronics Engineers Inc., 2019. p. 18-19 8823611 (Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Leach, K, Dougherty, R, Spensky, C, Forrest, S & Weimer, W 2019, Evolutionary Computation for Improving Malware Analysis. in Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019., 8823611, Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019, Institute of Electrical and Electronics Engineers Inc., pp. 18-19, 6th IEEE/ACM International Workshop on Genetic Improvement, GI 2019, Montreal, Canada, 5/28/19. https://doi.org/10.1109/GI.2019.00013

Leach K, Dougherty R, Spensky C, Forrest S, Weimer W. Evolutionary Computation for Improving Malware Analysis. In Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 18-19. 8823611. (Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019). doi: 10.1109/GI.2019.00013

@inproceedings{cf1e7013ae174103af820a4a6f2c126b,

title = "Evolutionary Computation for Improving Malware Analysis",

abstract = "Research in genetic improvement (GI) conventionally focuses on the improvement of software, including the automated repair of bugs and vulnerabilities as well as the refinement of software to increase performance. Eliminating or reducing vulnerabilities using GI has improved the security of benign software, but the growing volume and complexity of malicious software necessitates better analysis techniques that may benefit from a GI-based approach. Rather than focus on the use of GI to improve individual software artifacts, we believe GI can be applied to the tools used to analyze malicious code for its behavior. First, malware analysis is critical to understanding the damage caused by an attacker, which GI-based bug repair does not currently address. Second, modern malware samples leverage complex vectors for infection that cannot currently be addressed by GI. In this paper, we discuss an application of genetic improvement to the realm of automated malware analysis through the use of variable-strength covering arrays.",

keywords = "evolutionary computation, genetic improvement, malware",

author = "Kevin Leach and Ryan Dougherty and Chad Spensky and Stephanie Forrest and Westley Weimer",

year = "2019",

month = may,

doi = "10.1109/GI.2019.00013",

language = "English (US)",

series = "Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "18--19",

booktitle = "Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019",

note = "6th IEEE/ACM International Workshop on Genetic Improvement, GI 2019 ; Conference date: 28-05-2019",

}

TY - GEN

T1 - Evolutionary Computation for Improving Malware Analysis

AU - Leach, Kevin

AU - Dougherty, Ryan

AU - Spensky, Chad

AU - Forrest, Stephanie

AU - Weimer, Westley

PY - 2019/5

Y1 - 2019/5

N2 - Research in genetic improvement (GI) conventionally focuses on the improvement of software, including the automated repair of bugs and vulnerabilities as well as the refinement of software to increase performance. Eliminating or reducing vulnerabilities using GI has improved the security of benign software, but the growing volume and complexity of malicious software necessitates better analysis techniques that may benefit from a GI-based approach. Rather than focus on the use of GI to improve individual software artifacts, we believe GI can be applied to the tools used to analyze malicious code for its behavior. First, malware analysis is critical to understanding the damage caused by an attacker, which GI-based bug repair does not currently address. Second, modern malware samples leverage complex vectors for infection that cannot currently be addressed by GI. In this paper, we discuss an application of genetic improvement to the realm of automated malware analysis through the use of variable-strength covering arrays.

AB - Research in genetic improvement (GI) conventionally focuses on the improvement of software, including the automated repair of bugs and vulnerabilities as well as the refinement of software to increase performance. Eliminating or reducing vulnerabilities using GI has improved the security of benign software, but the growing volume and complexity of malicious software necessitates better analysis techniques that may benefit from a GI-based approach. Rather than focus on the use of GI to improve individual software artifacts, we believe GI can be applied to the tools used to analyze malicious code for its behavior. First, malware analysis is critical to understanding the damage caused by an attacker, which GI-based bug repair does not currently address. Second, modern malware samples leverage complex vectors for infection that cannot currently be addressed by GI. In this paper, we discuss an application of genetic improvement to the realm of automated malware analysis through the use of variable-strength covering arrays.

KW - evolutionary computation

KW - genetic improvement

KW - malware

UR - http://www.scopus.com/inward/record.url?scp=85072972914&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85072972914&partnerID=8YFLogxK

U2 - 10.1109/GI.2019.00013

DO - 10.1109/GI.2019.00013

M3 - Conference contribution

AN - SCOPUS:85072972914

T3 - Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019

SP - 18

EP - 19

BT - Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 6th IEEE/ACM International Workshop on Genetic Improvement, GI 2019

Y2 - 28 May 2019

ER -

Evolutionary Computation for Improving Malware Analysis

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this