Time:
Location: 曹东502
Title: Go Ahead of Attackers: Towards New Proactive Techniques for Malware Detection and Defense
Abstract: Most cyber attacks and fraudulent activities on the Internet are carried out by malware. For example, botnets, the state-of-the-art malware, are now the primary "platforms" for cyber attacks such as spam, DDoS, and data theft. Most of our current solutions to cyber defense are still passive and reactive, focusing on defending against known attacks. The situation is becoming worse and worse because the economic engine of profit-driven cyber attacks is quickly transforming the threat and defense landscape to favor more and more attackers, as they enjoy many fundamental advantages over defenders (known as asymmetries of security). In this talk, I propose to put more research focus on "proactive" malware defense strategies and develop "game-changing" defense approaches to go ahead of attackers (instead of always following them). In particular, I will introduce some case studies of such proactive cyber defense techniques. For example, I will present new proactive network probing techniques to detect malware at an early stage before it is controlled (to carry out malicious activities). We propose new techniques to extract Malware Control Birthmarks (MCBs) from malware, and use them for active, robust, fast and scalable malware detection.
Speaker bio: Dr. Guofei Gu is an associate professor (effective Fall 2014) in the Department of Computer Science & Engineering at Texas A&M University (TAMU). Before coming to Texas A&M, he received his Ph.D. degree in Computer Science from the