SBIR Phase I: Building Extensible and Customizable Binary Code Analytics Engine for Malware Intelligence as a Service
Deepbits Technology LLC, Riverside, CA
Abstract
The broader impact/commercial potential of this Small Business Innovation Research (SBIR) Phase I project is to spark more cybersecurity innovation by reducing R&D expenditures through providing fundamental security analytics tools as a service. Global cybersecurity spending is increasing significantly year over year. Enormous R&D resources have been invested in developing a range of security products to meet this market. However, different security product providers repeatedly build the fundamental security analytics tools and use them to further develop different innovative security solutions. That is a huge waste of R&D resources. The proposed solution reduces customers' R&D expenditure and lowers the barrier to entry for the growing cybersecurity market. With the lowered barrier to entry, the company anticipates that more innovations will be put into practice. As a result, with the increased competition and reduced R&D expenditure, the company expects a reduction in cybersecurity spending by companies and the government.

This Small Business Innovation Research (SBIR) Phase I project focuses on malware intelligence, which has been a long-standing and increasingly complex cybersecurity problem. Traditional signature-based detection and manual reverse engineering approaches can no longer keep up with the pace of increasingly sophisticated obfuscation and attack techniques. The objective of this project is to develop a security analysis tool for malware intelligence by combining the following two unique techniques: "whole-system emulation based dynamic binary analysis" and "deep-learning based binary code similarity detection". The first technique provides a fine-grained monitoring capability to observe the behaviors of malware. The second technique provides the capability of learning and characterizing complex features. By combining these two techniques, the proposed technology will be able to better understand malware and generate actionable intelligence.