TY - GEN
T1 - Evolutionary Computation for Improving Malware Analysis
AU - Leach, Kevin
AU - Dougherty, Ryan
AU - Spensky, Chad
AU - Forrest, Stephanie
AU - Weimer, Westley
PY - 2019/5
Y1 - 2019/5
N2 - Research in genetic improvement (GI) conventionally focuses on the improvement of software, including the automated repair of bugs and vulnerabilities as well as the refinement of software to increase performance. Eliminating or reducing vulnerabilities using GI has improved the security of benign software, but the growing volume and complexity of malicious software necessitates better analysis techniques that may benefit from a GI-based approach. Rather than focus on the use of GI to improve individual software artifacts, we believe GI can be applied to the tools used to analyze malicious code for its behavior. First, malware analysis is critical to understanding the damage caused by an attacker, which GI-based bug repair does not currently address. Second, modern malware samples leverage complex vectors for infection that cannot currently be addressed by GI. In this paper, we discuss an application of genetic improvement to the realm of automated malware analysis through the use of variable-strength covering arrays.
KW - evolutionary computation
KW - genetic improvement
KW - malware
UR - http://www.scopus.com/inward/record.url?scp=85072972914&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85072972914&partnerID=8YFLogxK
U2 - 10.1109/GI.2019.00013
DO - 10.1109/GI.2019.00013
M3 - Conference contribution
T3 - Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019
SP - 18
EP - 19
BT - Proceedings - 2019 IEEE/ACM 6th International Workshop on Genetic Improvement, GI 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 6th IEEE/ACM International Workshop on Genetic Improvement, GI 2019
Y2 - 28 May 2019
ER -