The ever-growing malware threats call for effective, yet efficient, mitigation techniques. Machine learning offers a promising solution to malware defense due to the scalability and automation that it brings. Machine learning techniques are however not a panacea for advanced malware attacks where cyber criminals can carefully craft malware features to evade detection. The root cause of such attacks can be attributed to the passive nature of existing machine learning-based malware defense systems.
Our project aims to enhance these systems with a novel moving target strategy. Our method differs from traditional methods that use feature selection schemes to search for a static subset of features for malware detection or classification. In contrast, our approach dynamically changes the features used to train a classification model for predicting future malware attacks. To prevent adversarial correlation analysis, our method uses a random walk technique to ensure that features used across different predictive models have low mutual information. We further study the effectiveness of the moving target approach in enhancing machine learning-based malware defense under various evasion strategies by malware attackers. If successful, this research will introduce a promising new strategy for mitigating the ever-growing malware threats.
|