KAIST Graduate School of Information Security

Notices


[Closed] Seminar by Dr. Aziz Mohaisen (Thu, Aug 22, 16:00~)
Name: admin | Posted: 2013.08.20 16:03 | Views: 11458

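At the invitation of Professor Yongdae Kim of the Graduate School of Information Security, a seminar on the topic 'There's Always Room for Improvement: Dissecting Bad Codes with AMAL, Babble, and AVMeter' will be held as detailed below.

Everyone interested is warmly encouraged to attend.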

 

o Date and time: Thursday, August 22, 16:00~

o Venue: Lecture Room 110, 1st floor, Building N1

o Title: There's Always Room for Improvement: Dissecting Bad Codes with AMAL, Babble, and AVMeter

 

o Abstract: Malware classification and family identification are not new problems. However, the rapid evolution of the malware attack/defense ecosystem has enabled much fruitful research. In this talk, our contributions to the domain will be summarized by presenting three systems: (1) AMAL, (2) Babble, and (3) AVMeter.
AMAL is a behavior-based tool to classify/cluster malware that utilizes autonomous feature extraction and expert labeled training data. AMAL sandboxes malicious binaries to collect fine-granularity behavioral artifacts that characterize malware’s usage of the file system, memory, network, and registry. Expert labeling by analysts and unsupervised clustering enable the production of models that can accurately determine malware status and family (e.g., Zeus). Precision/recall metrics for the technique have been excellent, and the talk will present benchmarks, cost estimates, and other metrics endorsing AMAL’s approach.
Babble is a system for representing and leveraging the sequence of events in a malware execution. Whereas calculating and exposing low-level feature values might have ill scalability or gamesmanship effects, Babble tersely and efficiently captures execution patterns. By creating an alphabet/language to represent runtime behavior, techniques from n-gram processing are used to train a binary classifier that is capable of distinguishing different malware samples with high accuracy.
AVMeter is a system for evaluating the performance of antivirus scans and labels. Researchers rely heavily on these outputs in establishing ground-truth for their methods and companies use them to guide mitigation and disinfection efforts. However, there is a lack of research that validates the performance of these antivirus vendors. Utilizing malware samples that have been manually labeled by expert analysts, we reveal dramatic errors in the correctness, coverage, and consistency of current antivirus offerings. We invite the community to challenge assumptions about relying on AV scans and labels as a ground truth for malware analysis and classification.

o Bio: Aziz Mohaisen is a research scientist at VeriSign Labs. His research interests are broadly focused on the security, privacy, measurement, and analysis of complex and emerging network systems. His recent work has emphasized data-driven security and its applications in malware analysis, network routing, information sharing, and Internet-scale reputation. He obtained his Ph.D. in computer science from the University of Minnesota in 2012 where he wrote his dissertation on trustworthy social computing systems.

Contact: Professor Yongdae Kim, Department of Electrical and Electronic Engineering (T.7430)


 
