Author Attribution of Binaries (available)

Attributing binaries, whether malicious or benign, is a difficult and time consuming task however, there is an increase demand for this either for attributing cyber attacks or preventing plagiarism. The goal of this project is to use machine learning to predict authorship of binaries. You will use a corpus of open source software either for … full description “Author Attribution of Binaries (available)”

Control Flow Graph Reconstruction using Control-Flow Integrity (ongoing)

Control flow graphs (CFGs) show the set of possible flows a computer program can have at run-time, in particular, how a certain target can be reached inside (binary) code. CFG are incredibly useful in almost any program analysis technique. For example, when reverse engineering, the control flow graph is the main component to build on … full description “Control Flow Graph Reconstruction using Control-Flow Integrity (ongoing)”

Machine Learning vs Machine Learning in Malware Evasion (available)

Machine learning is a popular approach to signature-less malware detection because it can generalize to new (unseen) malware families. Some recent works have proposed the use of AI/ML-powered malware to bypass machine learning anti-malware systems. The goal of the project is to model the system of malware vs anti-malware systems as two opponents using various … full description “Machine Learning vs Machine Learning in Malware Evasion (available)”

Mathematical Modelling of Cyber-Attackers vs Defenders using AI/ML (available)

Machine learning is a popular approach to signature-less malware detection because it can generalize to new (unseen) malware families. Some recent works have proposed the use of AI/ML-powered malware to bypass machine learning anti-malware systems (for instance, adversarial machine learning). The goal of the project is to model the system of malware vs anti-malware systems … full description “Mathematical Modelling of Cyber-Attackers vs Defenders using AI/ML (available)”

Virtual Trusted Platform Module (vTPM) Migration in Cloud Environments (available)

TPM (Trusted Platform Module) is a computer chip (microcontroller) that can securely store artifacts used to authenticate a computer platform. For instance, a TPM can be used to store platform measurements that help ensure that the platform remains trustworthy. Authentication (ensuring that the platform can prove that it is what it claims to be) and … full description “Virtual Trusted Platform Module (vTPM) Migration in Cloud Environments (available)”