KAIST Graduate School of Information Security


[Closed] Seminar by Dr. Aziz Mohaisen (Thu, Aug 22, 16:00~)
Name : admin | Date : 2013.08.20 16:03 | Views : 15105

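At the invitation of Professor Yongdae Kim of the Graduate School of Information Security, a seminar on the topic

'There's Always Room for Improvement: Dissecting Bad Codes with AMAL, Babble, and AVMeter'

will be held as detailed below.

Everyone who is interested is encouraged to attend.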

 

o Date and time: Thursday, August 22, 16:00~

o Venue: Lecture Room 110, 1st floor, Building N1

o Title: There's Always Room for Improvement: Dissecting Bad Codes with AMAL, Babble, and AVMeter

 

o Abstract: Malware classification and family identification are not new problems. However, the rapid evolution of the malware attack/defense ecosystem has enabled much fruitful research. In this talk, our contributions to the domain will be summarized by presenting three systems: (1) AMAL, (2) Babble, and (3) AVMeter.
AMAL is a behavior-based tool to classify/cluster malware that utilizes autonomous feature extraction and expert labeled training data. AMAL sandboxes malicious binaries to collect fine-granularity behavioral artifacts that characterize malware’s usage of the file system, memory, network, and registry. Expert labeling by analysts and unsupervised clustering enable the production of models that can accurately determine malware status and family (e.g., Zeus). Precision/recall metrics for the technique have been excellent, and the talk will present benchmarks, cost estimates, and other metrics endorsing AMAL’s approach.
Babble is a system for representing and leveraging the sequence of events in a malware execution. Whereas calculating and exposing low-level feature values might have ill scalability or gamesmanship effects, Babble tersely and efficiently captures execution patterns. By creating an alphabet/language to represent runtime behavior, techniques from n-gram processing are used to train a binary classifier that is capable of distinguishing different malware samples with high accuracy.
AVMeter is a system for evaluating the performance of antivirus scans and labels. Researchers rely heavily on these outputs in establishing ground-truth for their methods and companies use them to guide mitigation and disinfection efforts. However, there is a lack of research that validates the performance of these antivirus vendors. Utilizing malware samples that have been manually labeled by expert analysts, we reveal dramatic errors in the correctness, coverage, and consistency of current antivirus offerings. We invite the community to challenge assumptions about relying on AV scans and labels as a ground truth for malware analysis and classification.

o Bio: Aziz Mohaisen is a research scientist at VeriSign Labs. His research interests are broadly focused on the security, privacy, measurement, and analysis of complex and emerging network systems. His recent work has emphasized data-driven security and its applications in malware analysis, network routing, information sharing, and Internet-scale reputation. He obtained his Ph.D. in computer science from the University of Minnesota in 2012 where he wrote his dissertation on trustworthy social computing systems.

contact : Prof. Yongdae Kim, Department of Electrical and Electronic Engineering (T.7430)


 
