Tuesday, February 2, 2010

Tech Prof Gets Grant to Fight Computer Attackers

Danfeng Yao, an assistant professor in the computer science department at Virginia Tech’s College of Engineering, will use a $530,000 National Science Foundation Faculty Early Career Development (CAREER) grant to develop software that will differentiate human-user computer interaction from that of malware.

The new computer program will do this by identifying and enforcing unique properties of human computer usage. Millions of computers worldwide are infected annually by malicious software in the form of viruses, worms, and Trojan horses, with scores of computers becoming part of a “bot” army that runs potentially dangerous automated tasks over the Internet.

Infected computers can be coordinated and used by cyber criminals to launch illegal and destructive activities such as identity theft, sending reams of spam messages, launching distributed denial of service attacks, and committing click fraud.

Yao’s work will focus on identifying characteristic human-user behaviors, developing protocols for fine-grained traffic-input analysis, and preventing forgeries and attacks by malware. She will design and apply a combination of cryptographic techniques, correlation analysis and hardware-based integrity measures to carry out these tasks.

“Existing malware-detection approaches are limited in their ability to identify and discern malicious bots from legitimate and benign ones,” Yao says. “The proliferation and sophistication of malware clandestine activities--as well as its growing capacity to do serious harm--requires constant vigilance and upgrading.”

Greater threats also exist: Some malware, as in the recent case involving hacker sources from China against Internet giant Google, serves as a tool of cyber warfare, meant for espionage or to destroy the critical network infrastructure of a major corporation, financial centers or even a nation’s defense agency.

“The program will adaptively learn from the user’s patterns, to differentiate legitimate network activities and usage from malicious software,” Yao says.
