News Release

UTSA wins NSF grant to create machine-learning system to unmask malware attacks

Machine-learning program will scan for malware disguises

Grant and Award Announcement

University of Texas at San Antonio

Professor Shouhuai Xu

image: Professor Shouhuai Xu inside his office and surrounded by his research that will help create a malware classification and detection program that will unmask the disguises malicious software use to penetrate networks. view more 

Credit: UTSA

(San Antonio, Oct. 1st, 2018) -- They still don't know how long they had been planning the attack. Either way, the hackers with several strokes of a keyboard, unleashed a malware that hijacked the City of Atlanta's computer systems. Mayor Keisha Laice Bottoms at the time called it a "hostage situation." Sam Sam, the group thought to be the masterminds behind the attack, now demanded thousands in bitcoins or they would continue to freeze access to databases and cripple key departments in the city.

Information management teams caught off guard as to when the infiltration occurred now scrambled to contain the damage. Atlanta, a major global transportation hub, became a victim of one of the largest ransomware attacks in a U.S. city within a matter of moments.

In an effort to prevent another occurrence like Atlanta, Professor Shouhuai Xu, director of the Laboratory for Cybersecurity Dynamics at The University of Texas at San Antonio, proposes the creation of a malware recognition algorithm which will unmask malicious software, and with a new grant from the National Science Foundation (NSF) this may become a reality.

"It's like a mirror that shows us what is really there," says Xu about the idea behind his approach to be able to detect the "cosmetic" changes that malicious software uses to camouflage appearances and infiltrate systems. His method will also explore why certain defensive mechanisms are less or more vulnerable.

The NSF grant awarded Professor Xu is valued close to $500,000 to develop the machine-learning algorithm which will also have the task to categorize the large number of malware in the wild, which was 669,000 million in 2017 according to a Symantec estimate.

"It's like biology. When we encounter a new virus you either defeat it or survive it. The immune system learns to recognize the virus, we are mimicking that defense and going beyond by unmasking the disguised new threats," added Xu.

News of the NSF award to the UTSA professor first came from Congressman Joaquin Castro's (TX-20) office.

"As we continue to combat growing cyber threats against our nation and our allies abroad, I welcome this federal grant from the National Science Foundation (NSF) that will help our city continue developing effective countermeasures against sophisticated cyber-attacks," said Congressman Castro in a press release.

The grant will go into effect October 1, 2018 and run through September 30, 2021. And although the award is a step in the countermeasure defensive industry, according to 2018 international estimates from Lloyds of London, about $127 billion are the estimated costs due to cyberattacks.

Professor Xu's idea is but one approach of many that will be required to build up the cyber resistance. Hackers constantly rely on evasion techniques in this current game of cat and mouse.

"This is the new arms race. We frequently have to elevate our defense and security will always be an open problem. There is no silver bullet," says Xu about the never-ending war of protecting cyber space.


For more information on this story, please click here.

Home of Cyber City USA, San Antonio leads the nation in cyber security research and development with The University of Texas San Antonio (UTSA) playing a critical role. UTSA made news when it secured funding to open its National Security Collaboration Center (NSCC).

Disclaimer: AAAS and EurekAlert! are not responsible for the accuracy of news releases posted to EurekAlert! by contributing institutions or for the use of any information through the EurekAlert system.