News Release

UTSA wins global cyber security challenge

MIT Lincoln Lab awards UTSA top prize for AI-malware solution

Grant and Award Announcement

University of Texas at San Antonio


Image: UTSA beats global competitors to develop an AI system that learns how to detect viruses and other harmful malware.

Credit: UTSA

(Jan. 22, 2019) - The University of Texas at San Antonio (UTSA) has taken the top prize at an international competition for providing a better solution to detect malware using artificial intelligence. The AICS 2019 Challenge, sponsored by the CrowdStrike Foundation and organized by the MIT Lincoln Laboratory, tasked researchers from around the world with devising a system that can classify several types of extremely harmful malware that have adapted to evade IT security measures and can remain undetected inside computer systems for years.

Shouhuai Xu, director of UTSA's Laboratory for Cybersecurity Dynamics and professor in the UTSA Department of Computer Science, formed and led an international team that created a framework using deep neural networks to classify and detect the malware. The MIT Lincoln Laboratory made the challenge extra difficult because "white-hat" hackers had access to a limited training data set with an unbalanced number of malware samples. Moreover, each competing team had to propose a real-world solution after being given access to the MIT testing data for just one week.

"The Challenge is as realistic as what a cyber defender would encounter in the wild, because little information about the 'attacks' is given to us," said Xu. "This exercise mimics what happens in the real world."

Malware remains a big threat to cyber security despite the tremendous countermeasures taken by security organizations around the world. Close to 670 million malware variants are in cyberspace or at the disposal of hackers. What is more alarming is that the rate of malware that operates on unsuspecting computers has more than doubled since 2015.

"There is an urgency in solving the problem because computer malware writers are getting increasingly crafty so as to evade any existing detection system," said Xu. "This is the reason the AICS Challenge exists--to find prototypes for real world solutions."

Over 300 participants attempted to download and classify the malware data set provided by the MIT Lincoln Laboratory.

"We've held the event for the past three years, but this is the first time we've focused on adversarial learning and it's been the most successful," said William Streilein, Chair of the AICS Challenge and Group Leader of Cyber Analytics and Decision Systems - Group 58 at the MIT Lincoln Laboratory.

Xu, with a cohort of cyber experts from Nanjing University of Science and Technology in China, West Virginia University and Florida International University, proposed an adversarial training algorithm and a systematic framework to enhance the strength of deep learning in detecting adversarially and intelligently disguised viruses.

"Xu had the highest score in the challenge and a proposal that would serve as a really good paper," said Streilein.

UTSA's Xu will attend the 2019 Artificial Intelligence for Cyber Security (AICS) event affiliated with the Association for the Advancement of Artificial Intelligence (AAAI) conference at the end of this month to receive the award and present the research.

"Winning this challenge means that we are in the right direction toward ultimately solving the problem of adversarial malware detection against some of the craftiest attackers in the wild," said Xu.

UTSA is home to the No. 1 cybersecurity program in the nation, according to the Ponemon Institute, and has three Center of Academic Excellence designations in information assurance/cyber defense education, information assurance research and cyber operations from the National Security Agency and the Department of Homeland Security.

