Evolutionary Computation for Improving Malware Analysis

Title: Evolutionary Computation for Improving Malware Analysis
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Leach, Kevin; Dougherty, Ryan; Spensky, Chad; Forrest, Stephanie; Weimer, Westley
Conference Name: 2019 IEEE/ACM International Workshop on Genetic Improvement (GI)
Keywords: automated malware analysis, automated repair, benign software, evolutionary computation, genetic algorithms, genetic improvement, Genetics, GI-based approach, GI-based bug repair, Human Behavior, individual software artifacts, invasive software, malicious code, malicious software, Malware, malware analysis, malware samples, Metrics, Predictive Metrics, privacy, program debugging, pubcrawl, Resiliency, security, Servers, software improvement, software maintenance, Tools, variable-strength covering arrays
Abstract: Research in genetic improvement (GI) conventionally focuses on the improvement of software, including the automated repair of bugs and vulnerabilities as well as the refinement of software to increase performance. Eliminating or reducing vulnerabilities using GI has improved the security of benign software, but the growing volume and complexity of malicious software necessitates better analysis techniques that may benefit from a GI-based approach. Rather than focus on the use of GI to improve individual software artifacts, we believe GI can be applied to the tools used to analyze malicious code for its behavior. First, malware analysis is critical to understanding the damage caused by an attacker, which GI-based bug repair does not currently address. Second, modern malware samples leverage complex vectors for infection that cannot currently be addressed by GI. In this paper, we discuss an application of genetic improvement to the realm of automated malware analysis through the use of variable-strength covering arrays.
DOI: 10.1109/GI.2019.00013
Citation Key: leach_evolutionary_2019