CSC News
Jiang Receives Funding to Study Information Flow to Detect Malware
Dr. Xuxian Jiang, assistant professor of computer science, has been awarded $50,000 by the US Air Force Research Laboratory (through Purdue University) to support his research proposal titled “Process Coloring: An Information Flow-Preserving Approach to Malware Investigation.”
The award will run from August 1, 2008 through December 6, 2008.
Abstract - Cyberinfrastructures are facing increasingly stealthy and sophisticated malware threats. For example, recent reports have suggested that new computer worms and viruses deliberately avoid fast massive propagation. Instead, they lurk in infected machines and inflict contaminations over time, such as rootkit and backdoor installation, botnet creation, and private data theft. Current methods for detection and investigation do not fully exploit the use of information flows tracked at the operating system level. We argue that OS-level information flow is currently an under-utilized tool for malware investigation. In this project, we propose to use operating system information flows to propagate malware break-in provenance information and will demonstrate that provenance preservation can help achieve more efficient and effective malware investigation. We will also show that this technique can be used to produce live alerts for malware that existing tools are unable to provide..
For more information about Dr. Jiang, click here.
The award will run from August 1, 2008 through December 6, 2008.
Abstract - Cyberinfrastructures are facing increasingly stealthy and sophisticated malware threats. For example, recent reports have suggested that new computer worms and viruses deliberately avoid fast massive propagation. Instead, they lurk in infected machines and inflict contaminations over time, such as rootkit and backdoor installation, botnet creation, and private data theft. Current methods for detection and investigation do not fully exploit the use of information flows tracked at the operating system level. We argue that OS-level information flow is currently an under-utilized tool for malware investigation. In this project, we propose to use operating system information flows to propagate malware break-in provenance information and will demonstrate that provenance preservation can help achieve more efficient and effective malware investigation. We will also show that this technique can be used to produce live alerts for malware that existing tools are unable to provide..
For more information about Dr. Jiang, click here.
Return To News Homepage