Browsing by Author "Shukla, Sanket"
Item
Design of Secure and Robust Cognitive System for Malware Detection
Shukla, Sanket; Shukla, Sanket; PD, Sai Manoj

Computer systems have for decades been threatened by various types of hardware and software attacks, of which malware has been one of the pivotal issues. Malware has the ability to steal, destroy, contaminate, gain unintended access, or even disrupt the entire system. There have been techniques to detect malware by performing static and dynamic analysis of malware files, but stealthy malware has circumvented the static analysis method, and for dynamic analysis, there have been previous works that propose different methods to detect malware. However, these techniques do not perform well on stealthy malware. Moreover, the rising trend and advancements in machine learning have resulted in numerous applications, from computer vision and pattern recognition to providing security to hardware devices. Machine learning based malware detection techniques rely on grayscale images of malware and tend to classify malware based on the distribution of textures in grayscale images. Albeit the advancement and promising results shown by machine learning techniques, attackers can exploit the vulnerabilities by generating adversarial samples. Adversarial samples are generated by intelligently crafting and adding perturbations to the input samples. There exists majority of the software based adversarial attacks and defenses. To defend against the adversaries, the existing malware detection based on machine learning and grayscale images needs preprocessing of the adversarial data. This can cause additional overhead and can prolong real-time malware detection. So, as an alternative to this, we explore RRAM (Resistant Random Access Memory) based defense against adversaries. Therefore, the aim of this thesis is to address the above-mentioned critical system security issues.
The above-mentioned challenges are addressed by demonstrating proposed techniques to design a secure and robust cognitive system. First, a novel technique to detect stealthy malware is proposed. The technique uses malware binary images, extracts different features from them, and then employs different ML classifiers on the dataset thus obtained. Results demonstrate that this technique is successful in differentiating classes of malware based on the features extracted. Secondly, I demonstrate the effects of adversarial attacks on a reconfigurable RRAM-neuromorphic architecture with different learning algorithms and device characteristics. I also propose an integrated solution for mitigating the effects of the adversarial attack using the reconfigurable RRAM architecture.

Item
Malware Detection using Federated Learning based on HPC Events and Localized Image features
(2019) Shukla, Sanket; Kolhe, Gaurav; Homayoun, Houman; Manoj P D, Sai; Rafatirad, Setareh

Malware is a global threat, and it has seen a tremendous increase as well as diversity, which has made threat detection and analysis a pivotal challenge to address. The increasing diversity in malware syntax and behavior is one of the basic challenges to address for efficient malware detection. Thus, efficient detection requires knowledge of different threats across the globe. However, it is impractical to have a signature-based detection or maintain a database with all malware signatures or syntax. To address these challenges, we propose a federated learning (FL)-based framework that aids in learning the threat features and characteristics irrespective of their origin and without breaching users' data or privacy, for an enhanced and robust security of billions of devices across the globe against malware. The federated learning (FL) model obtains the models from a selected set of devices to determine the model parameters required for efficient detection of heterogeneous malware types.
Further, one model that encompasses knowledge from different models obtained from different devices emerges, which will be further broadcast to the individual device for efficient malware detection, despite a given device has previously encountered or trained with characteristics of the malware. For the individual devices, we deploy a two-pronged malware detection technique. In the first prong, we extract the microarchitectural traces obtained while executing the application to detect traditional malware, and in the second prong, we introduce an automated localized feature extraction technique to detect obfuscated malware. With the proposed FL framework, we achieved 91% malware detection accuracy, irrespective of the training data used at device level. Furthermore, the proposed framework achieves up to 11% higher detection accuracy compared to the existing malware detection techniques.