Since 1986 - Covering the Fastest Computers in the World and the People Who Run Them

June 4, 2014

VT Unveils Approach to Detect Malicious Software in Networked Computers and Data

BLACKSBURG, Va., June 4 — Cybercrime comes in all forms these days. One recent headline told of the creepware or silent computer snooping that resulted in the arrest of some 90 people in 19 countries. Miss Teen USA was among the victims. Her computer had been turned into a camera and used to spy on her in her own bedroom.

On the commercial front, Target suffered the largest retail hack in U.S. history during the Christmas shopping season of 2013, and now the Fortune 500 company’s outlook is bleak with steep drops in profits.

New research to be announced at the June 2014 ACM Symposium on Information, Computer and Communications Security in Kyoto, Japan, has unveiled the causal relations among computer network events.

The work effectively isolates infected computer hosts and detects stealthy malware, also known as malicious software, in advance.

The work was conducted under the auspices of a 2010 National Science Foundation CAREER Award grant to develop software that differentiates human-user computer interaction from malware. That $530,000 award was presented to Danfeng “Daphne” Yao, associate professor of computer science at Virginia Tech. She worked with Naren Ramakrishnan, the Thomas L. Phillips Professor of Engineering, and her graduate student Hao Zhang of Beijing, China, a doctoral candidate in computer science.

The Virginia Tech computer scientists used causal relations to determine whether or not network activities have justifiable and legitimate causes to occur.

“This type of semantic reasoning is new and very powerful,” Yao said.

“The true significance of this security approach is its potential proactive defense capability. Conventional security systems scan for known attack patterns, which is reactive. Our anomaly detection based on enforcing benign properties in network traffic is a clear departure from that,” Yao added.

They will present their paper “Detection of Stealthy Malware Activities with Traffic Causality and Scalable Triggering Relation Discovery” on June 4. It will be published in the symposium’s proceedings.

Virginia Tech Intellectual Property has filed a patent on this technology, and it is actually a continuation-in-part patent, following one of Yao’s earlier patents.

Previously, Yao garnered a 3-year, $450,000 grant from the Office of Naval Research on cyber security to quantitatively detect anomalies in Department of Defense computers, mobile devices, command and control servers, and embedded systems deployed on U.S. Navy ships.

Yao’s career research focus has been on developing methodology for novel, practical, and quantitative anomaly detection. Specifically, she is analyzing causal relations of events and producing instructions for detecting anomalies in computer programs, systems, and networks.

About the College of Engineering at Virginia Tech

The College of Engineering (http://www.eng.vt.edu/) at Virginia Tech is internationally recognized for its excellence in 14 engineering disciplines and computer science. The college’s 6,000 undergraduates benefit from an innovative curriculum that provides a “hands-on, minds-on” approach to engineering education, complementing classroom instruction with two unique design-and-build facilities and a strong Cooperative Education Program. With more than 50 research centers and numerous laboratories, the college offers its 2,000 graduate students opportunities in advanced fields of study such as biomedical engineering, state-of-the-art microelectronics, and nanotechnology. Virginia Tech, the most comprehensive university in Virginia, is dedicated to quality, innovation, and results to the commonwealth, the nation, and the world.

Source: Virginia Tech
