University of Central Florida
Associate Professor and Director of Security and Analytics Lab (SEAL)

David Mohaisen earned his M.Sc. and Ph.D. degrees from the University of Minnesota in 2011 and 2012, respectively. He is currently an Associate Professor at the University of Central Florida, where he directs the Security and Analytics Lab (SEAL). Before joining UCF, he held several posts in academia and industry: as an Assistant Professor at the University at Buffalo, (Senior) Research Scientist at Verisign Labs, and a Member of the Engineering Staff at the Electronics and Telecommunication Research Institute (ETRI). His research interests fall in the broad area of systems security and privacy, with a recent focus on adversarial machine learning, IoT security, AI security, and blockchain security. Among other services, he is currently an Associate Editor of IEEE Transactions on Mobile Computing, IEEE Transactions on Parallel and Distributed Systems, and IEEE Transactions on Cloud Computing. He is a Distinguished Speaker of ACM (2021-2023), Distinguished Visitor of IEEE’s Computer Society (2021-2023), and a Senior Member of both ACM (since 2018) and IEEE (since 2015).


Talk:

Malware Analysis and Detection Using Machine Learning

Abstract:

As of late 2020, more than 1 billion malware samples are in the wild, compared to just under 100 million samples only 8 years ago. This rapid growth of malware populations as well as the unprecedented scale of Internet-connected devices, e.g., Internet of Things, provide adversaries with ample opportunities to expand an already significant threat and attack surface, allowing adversaries to take down large services through persistent attacks. To address this attack surface, manual analysis of programs to tell whether they are malicious or benign, and to detect and contain them, is impractical and does not address the problem scale. Advances in machine learning, however, lend themselves to the problem domain nicely, powered by recent results on representation, learning, and robustness, and recent advances in the area of program analysis. In this talk, we present some of our recent findings on the systematic (program) understanding of Internet of Things software towards the analysis, detection, and classification of malware by employing various program analysis modalities, such as strings, functions, and graphs. We also present our recent results on examining the robustness of our analysis modalities to intelligent adversaries who try to evade detection. We conclude the talk with various ongoing and open directions.