Charles River Analytics, a developer of intelligent systems solutions, announces a follow-on contract to develop novel techniques for malware defense for the US Air Force. SESAME, which stands for Semi-Supervised Algorithms against Malware Evolution, is a research project that aims to counter the increasing threats posed by malware.
“Malware poses a critical threat to our networked assets. The number and sophistication of malware attacks continues to multiply each year,” explained Dr. Avi Pfeffer, Principal Scientist at Charles River. “Human analysts cannot cope with the large volume of malware, and automated methods have difficulty recognizing evolving malware. Our goal under the SESAME effort is to develop a robust, scalable system that improves malware detection while countering attempts by attackers to subvert our defenses.”
SESAME uses online learning, which evolves as it encounters new malware. It combines a rich understanding of malware set with deep machine learning algorithms to learn the essential characteristics of malware. To scale up to the enormous number of malware attacks, SESAME also uses cloud-based learning and is being designed as an enterprise-based system.
Charles River is partnering with Professor Arun Lakhotia of the Center for Advanced Computer Studies at the University of Louisiana at Lafayette. Dr. Lakhotia’s Software Research Lab specializes in analyzing malware evolution.
Related Efforts in Cyber Defense
SESAME is one of several Charles River efforts in the cyber defense domain:
- The Malware Analysis and Attribution using Genetic Information system, or MAAGI, is being developed for DARPA’s Cyber Genome project. The MAAGI system combines ideas and techniques from biological evolution, reverse engineering of computer programs, and linguistics to help malware analysts identify the source and intent of new malware attacks.
- Under the Tangible Trustworthiness for Mixed-Initiative Network Defense program, or T2-MIND, Charles River combined novel displays with tangible controls that allow cyber defenders to better interpret and use automated cyber defense systems.
- In the Probabilistic Relational Models for Cyber Situation Awareness project, known as PRM4Cyber, and the Advanced Pattern Recognition project, known as APR, Charles River developed innovative cyber capabilities to help detect and respond to cyber attacks.
This material is based upon work supported by the United States Air Force under Contract No. FA8750-13-C-0125. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Air Force.