TUTORIAL – HALF DAY SESSION
AI Based Malware Detection

Abstract : Often computer/mobile users call everything that disturbs/corrupts their system a VIRUS without being aware of what it means or accomplishes. This tutorial systematically introduces the different malware varieties, their distinctive properties, different methods of analyzing the malware, and their detection techniques.

Introduction : Today computing devices like laptops, mobile phones, smart devices, etc., have penetrated very deep into our modern society and have become an integral part of our daily lives. Currently, more than half of the world’s population uses computers/mobile devices for their professional/personal needs. However, these computing devices are targeted by malware designers encouraged by profits/ gains associated with the attack. According to a recent report, monetary losses due to cybercrime are expected to reach 10 trillion dollars annually by 2025. The primary role in providing defense against malware attacks is designed and developed by the anti-malware community (researchers and the anti-virus industry). Traditionally anti-viruses are based on the signature, heuristic, and behavior based detection engines. However, these engines are unable to detect next-generation polymorphic and metamorphic malware. Thus researchers have started developing malware detection engines based on machine learning to complement the existing anti-virus engines. However, there are many open research challenges in these models like adversarial robustness, explainability, fairness, etc., which we are going to discuss in detail during the tutorial.

Outline of the Tutorial : This tutorial will cover fundamental techniques, limitations, open research problems and future directions in the field of malware analysis and detection. Following are the three specific learning outcomes:

• Audiences will get familiarity with different types of malware and their detection techniques.
• Applications of classification and clustering based frameworks for malware detection.
• Overview of significant research problems in the area of malware analysis and detection, results, and conclusions from the recent research papers.

Expected Length of the Tutorial : 3 hours

Outline of the Tutorial : Introductory (Discussion on few case studies and implementation of deep fakes using python modules)

1. Introduction to Malware
2. A short history of Malware (virus to malware)
3. 1^st Generation Malware
4. 2^nd Generation Malware
5. Traditional Malware Detection Systems
6. Static Malware Analysis
7. Challenges in Static Analysis
8. Dynamic Malware Analysis
9. Challenges in Dynamic Analysis
10. Malware Detection as a Classification Problem
11. Challenges in AI based Malware Detection Systems
    • Adversarial Robustness in Malware Detection Systems
    • Explainability in Malware Detection Systems
    • Fairness in Malware Detection Systems
    • Data Challenges and Routing based Malware Classification
12. Alternate Mechanisms for Malware Detection
    • Advanced Metamorphic Malware Generation
    • Malware Normalization as a Defense Strategy
13. Open Research Problems and Future Directions

Target Audience :

Senior undergraduate students (B.E.), postgraduate students (M.E./M.Tech./M.S.), PhD. students, faculty members, and researchers working or interested in the area of malware analysis and detection.

Pre-requisite :

• Basic knowledge of the operating system (Windows/Android)
• Understanding of assembly codes & C programming language
• Familiarity with classification and clustering techniques (Desirable)

Instructors :

Mohit Sewak is an Artificial Intelligence and Cybersecurity researcher with over 15 years of experience in designing innovative AI software and solutions. Mohit holds more than a dozen patents across the US, India, and worldwide for innovative AI solutions that empower many international products. Mohit is the author of multiple AI book titles on topics including technologies like Deep Reinforcement Learning and Convolutional Neural Networks. Mohit’s research is focused on designing AI-based malware and other advanced threat detection and protection systems. Currently, Mohit is serving as a Principal Data Scientist for Security & Compliance Research at Microsoft R&D, India.

Email : mohit.sewak@microsoft.com

Hemant Rathore is currently working as Assistant Professor at the Department of CS and IS at BITS Pilani, Goa Campus, India. Before joining academics, he was working in the area of computer security for three years at Symantec, India. His Ph.D. is on the topic of Adversarial Robustness and Explainability in Malware Detection Models. His research interests are in the area of Malware Analysis, Network Security, Machine Learning, and Operating Systems. He has guided several undergraduate and postgraduate students in their independent research projects and published many research papers in reputed journals/conferences.

Email : hemantr@goa.bits-pilani.ac.in