Using qualia and multi-layered relationships in malware detection

Authors

Bobby D. Birrer, Center for Cyberspace Research, Air Force Institute of Technology
Richard A. Raines, Center for Cyberspace Research, Air Force Institute of Technology
Rusty O. Baldwin, Center for Cyberspace Research, Air Force Institute of Technology
Mark E. Oxley, Center for Cyberspace Research, Air Force Institute of Technology
Steven K. Rogers, Air Force Research Laboratory

Document Type

Conference Proceeding

Publication Date

3-30-2009

Abstract

Detecting network intruders and malicious software is a significant problem for network administrators and security experts. New threats are emerging at an increasing rate, and current signature and statistics-based techniques are failing to keep pace. Intelligent systems that can adapt to new threats are needed to mitigate these new strains of malware as they are released. This research develops a system that uses contextual relationships and information across different layers of abstraction to detect malware based on its qualia, or essence. By looking for the underlying concepts that make a piece of software malicious, this system avoids the pitfalls of static solutions that focus on predefined signatures or anomaly thresholds. This type of qualia-based system provides a framework for developing intelligent classification and decision-making systems for any number of application areas. Abstract © IEEE.

Comments

Copyright © 2009, IEEE

Co-author B. Birrer was an AFIT PhD student at the time of this paper. (AFIT-DCS-ENG-10-01, March 2010)

DOI

10.1109/CICYBS.2009.4925095

Source Publication

2009 IEEE Symposium on Computational Intelligence in Cyber Security

Recommended Citation

B. D. Birrer, R. A. Raines, R. O. Baldwin, M. E. Oxley and S. K. Rogers, "Using qualia and multi-layered relationships in malware detection," 2009 IEEE Symposium on Computational Intelligence in Cyber Security, Nashville, TN, USA, 2009, pp. 91-98, doi: 10.1109/CICYBS.2009.4925095.