QuEST for malware type-classification

Authors

Sandra L. Vaughan, Air Force Institute of Technology
Robert F. Mills, Cyberspace Research, Air Force Institute of TechnologyFollow
Michael R. Grimaila, Air Force Institute of TechnologyFollow
Gilbert L. Peterson, Air Force Institute of TechnologyFollow
Mark E. Oxley, Air Force Institute of TechnologyFollow
Thomas E. Dube, Air Force Institute of Technology
Steven K. Rogers, Air Force Research Laboratory

Document Type

Conference Proceeding

Publication Date

5-14-2015

Abstract

Current cyber-related security and safety risks are unprecedented, due in no small part to information overload and skilled cyber-analyst shortages. Advances in decision support and Situation Awareness (SA) tools are required to support analysts in risk mitigation. Inspired by human intelligence, research in Artificial Intelligence (AI) and Computational Intelligence (CI) have provided successful engineering solutions in complex domains including cyber. Current AI approaches aggregate large volumes of data to infer the general from the particular, i.e. inductive reasoning (pattern-matching) and generally cannot infer answers not previously programmed. Whereas humans, rarely able to reason over large volumes of data, have successfully reached the top of the food chain by inferring situations from partial or even partially incorrect information, i.e. abductive reasoning (pattern-completion); generating a hypothetical explanation of observations. In order to achieve an engineering advantage in computational decision support and SA we leverage recent research in human consciousness, the role consciousness plays in decision making, modeling the units of subjective experience which generate consciousness, qualia. This paper introduces a novel computational implementation of a Cognitive Modeling Architecture (CMA) which incorporates concepts of consciousness. We apply our model to the malware type-classification task. The underlying methodology and theories are generalizable to many domains.

Comments

Copyright © 2015 Society of Photo-Optical Instrumentation Engineers (SPIE).

This conference paper is available through subscription or purchase from the publisher, SPIE, using the DOI link below.

Author Note: Sandra Vaughan was an AFIT PhD student at the time of this conference. (AFIT-ENG-DS-16-S-016, September 2016)

DOI

10.1117/12.2176861

Source Publication

Cyber Sensing 2015

Recommended Citation

Sandra L. Vaughan, Robert F. Mills, Michael R. Grimaila, Gilbert L. Peterson, Mark E. Oxley, Thomas E. Dube, and Steven K. Rogers "QuEST for malware type-classification", Proc. SPIE 9458, Cyber Sensing 2015, 945807 (14 May 2015); https://doi.org/10.1117/12.2176861