The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded $500,000 to Cambridge, Massachusetts-based Charles River Analytics Inc. to develop malware defense technology that will alert and empower information technology (IT) administrators to fend off an impending cyber attack. The technology can predict next-stage developments in malware evolution, making it possible for administrators to anticipate and block malware intrusions.
The Charles River Analytics Predictive Malware Defense (PDM) contract was awarded through the DHS S&T Cyber Security Division’s (CSD) Long Range Broad Agency Announcement DHSST-LRBAA14-02. The award is part of CSD’s larger Internet Measurement and Attack Modeling (IMAM) project that is working with cybersecurity researchers to develop solutions in the areas of resilient systems and networks, modeling of internet attacks as well as network mapping and measurement.
“Malware attacks are increasing in frequency and complexity, resulting in adverse impacts on the productivity and financial health of our government and private sectors,” said DHS Under Secretary for Science and Technology Dr. Reginald Brothers. “The goal of this new technology is to put a potent tool in the hands of administrators of government and private-sector infrastructure — particularly in the financial sector — by enabling them to anticipate a potential attack and act before it occurs.”
The S&T Cyber Security Division’s (CSD) IMAM project is aligned with federal cyber security research and development strategic initiatives to develop a targeted set of research priorities to ensure the internet is safe, trustworthy and prosperous.
“The best defense—especially in cyberspace—is anticipating and preparing for your adversary’s attack,” said Ann Cox, S&T IMAM program manager. “Endowing IT system administrators with the ability to act preemptively against potential malware attacks instead of acting after the fact is a paradigm shift that tilts the advantage toward IT infrastructure defenders.”
Malicious cyber activity is growing at an unprecedented rate. A leading internet security firm reported there were more than 317 million new malicious code signatures in 2014. Additionally, attacks are increasing in sophistication as authors create malware that circumvents standard signature-based antivirus defense systems.
To reverse this troubling trend, Charles River Analytics will develop PDM, a program that will use advanced machine learning techniques to predict significant new malware attacks and generate preemptive defenses. The innovative program will use statistical models focused on features extracted from malware families to predict possible courses of malware evolution. Once implemented, PDM will advance malware detection and defense capabilities beyond those offered by current antivirus resources.
For more information about CSD’s IMAM project, visit https://www.dhs.gov/science-and-technology/csd-imam.