project plan
play

Project Plan Defeating Malware Payload Obfuscation The Capstone - PowerPoint PPT Presentation

Jun 21, 2023 •14 likes •134 views

Project Plan Defeating Malware Payload Obfuscation The Capstone Experience Team Proofpoint Nick Lojewski Adam Johanknecht Dan Somary Vivian Qian Derek Renusch Department of Computer Science and Engineering Michigan State University Spring

  1. Project Plan Defeating Malware Payload Obfuscation The Capstone Experience Team Proofpoint Nick Lojewski Adam Johanknecht Dan Somary Vivian Qian Derek Renusch Department of Computer Science and Engineering Michigan State University Spring 2019 From Students… …to Professionals

  2. Functional Specifications • Create a machine learning system to classify files as malicious or benign ▪ Accuracy goal: have at least the same accuracy as sandbox detonation ▪ Performance goal: be at least 50% faster than detonation in Cuckoo • Display information in web dashboard ▪ High level system information ▪ Ability to look at details for individual files The Capstone Experience Team Proofpoint Project Plan Presentation 2

  3. Design Specifications • System Overview ▪ Files will be placed in the queue by Proofpoint’s process ▪ Extract file metadata and feed that into Machine Learning algorithm ▪ Machine Learning algorithm will classify the file as benign or malicious • Web Application ▪ System Overview ▪ Display detailed file information ▪ System Health • Machine Learning Framework ▪ Train a Machine Learning algorithm to accurately detect malicious files ▪ Determine characteristics of files that point to malicious behavior ▪ Malware that can’t be classified will be detonated in Cuckoo The Capstone Experience Team Proofpoint Project Plan Presentation 3

  4. Screen Mockup: Job Pipeline The Capstone Experience Team Proofpoint Project Plan Presentation 4

  5. Screen Mockup: File Drill Down The Capstone Experience Team Proofpoint Project Plan Presentation 5

  6. Screen Mockup: System Health The Capstone Experience Team Proofpoint Project Plan Presentation 6

  7. Screen Mockup: Manual File Submission The Capstone Experience Team Proofpoint Project Plan Presentation 7

  8. Technical Specifications • Backend Analysis ▪ Python controller is used to collect and determine file types and other characters ▪ Yara and pefile for initial file attribute collection on file samples ▪ TensorFlow and Keras are used as Machine Learning Algorithms ▪ Cuckoo is used if Machine Learning Algorithms cannot find definitive classification • Frontend ▪ HTML5 and Bootstrap CSS ▪ JavaScript and Node.js The Capstone Experience Team Proofpoint Project Plan Presentation 8

  9. System Architecture The Capstone Experience Team Proofpoint Project Plan Presentation 9

  10. System Components • Hardware Platforms ▪ Proofpoint VMware ESXI server hypervisor ▪ Ubuntu virtual machines • Software Platforms / Technologies ▪ VS Code, PyCharm ▪ Python 3 ▪ Cuckoo ▪ TensorFlow + Keras The Capstone Experience Team Proofpoint Project Plan Presentation 10

  11. Risks • Feasibility of using Machine Learning to analyze categories of malware ▪ It is not known if it is possible to encompass all different types of malware using a single machine learning algorithm. ▪ Mitigation: Try to have our feature extraction be as modular as possible so that when it feeds into the machine learning algorithm, the algorithm does not need to worry about different file types. • Determining what file characteristics can classify malware ▪ For the ML algorithm to learn, it must be fed many files and analyze the characteristics of those files to learn what is malware. It is difficult to determine what characteristics can be used to detect malware. ▪ Mitigation: Trial and error research into what kind of characteristics are consistent across different malware files and attempting to detect them with those characteristics before training the algorithm on it. • Identifying steganography ▪ The malware our project is concerned with is hidden within various payload files. It is not known if this can be detected without a full detonation. ▪ Mitigation: Measure entropy to determine encryption. Also check for hidden values in least significant bits of RGB values in pictures. • Meeting target performance requirements ▪ For our project to be successful, it must be able to detect and classify malware at a faster rate than sandbox detonation but with just as much accuracy. ▪ Mitigation: Design our algorithms with the best practices in mind and strive to have high efficiency and accuracy. The Capstone Experience Team Proofpoint Project Plan Presentation 11

  12. Questions? ? ? ? ? ? ? ? ? ? The Capstone Experience Team Proofpoint Project Plan Presentation 12

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Best Available Technology SUPPLEMENTAL INFORMATION VMT C-Plan Components 4 Plan

Best Available Technology SUPPLEMENTAL INFORMATION VMT C-Plan Components 4 Plan

Valdez Marine Terminal Oil Discharge Prevention and Contingency Plan Linda Swiss, C-Plan Project Manager Austin Love, TOEM Project Manager September 2015 PWSRCAC Board Meeting VMT C-Plan update Contingency plans Plan review/renewal

600 views • 8 slides
Dow ntow n Transportation Plan 1 D O W N T O W N T O L E D O T R A N S P O R T A T I O N P L A

Dow ntow n Transportation Plan 1 D O W N T O W N T O L E D O T R A N S P O R T A T I O N P L A

05.22.18 Public Meeting #1 Dow ntow n Transportation Plan 1 D O W N T O W N T O L E D O T R A N S P O R T A T I O N P L A N Project Introduction Project Team Project Purpose Jean M. Hartline, PE, PTOE Develop a plan that promotes a

572 views • 46 slides
T-7 6 .6 1 2 Softw are Project Managem ent Face Wash Project Plan Tero Jantunen Tuomas

T-7 6 .6 1 2 Softw are Project Managem ent Face Wash Project Plan Tero Jantunen Tuomas

T-7 6 .6 1 2 Softw are Project Managem ent Face Wash Project Plan Tero Jantunen Tuomas Jrvensivu Tommi Kokki Juha Laitinen 28.4.2005 Face Wash Project Plan 1 Project scope and goals Renew all the Customer Order Process (COP)

308 views • 14 slides
PROJECT CONCEPT 1 Serena 24 Aug 2016 Master plan view PROJECT CONCEPT 3 Project Location and

PROJECT CONCEPT 1 Serena 24 Aug 2016 Master plan view PROJECT CONCEPT 3 Project Location and

PROJECT CONCEPT 1 Serena 24 Aug 2016 Master plan view PROJECT CONCEPT 3 Project Location and Access Arabian Ranches Serena Arabian Ranches 2 AlWaha Layan Mudon 4 Project Master Plan 5 Type A 3 Bedroom + Maid Semi Detached PROJECT

566 views • 20 slides
Strategic Plan Facility Project Descriptions Forest B Project Description Next

Strategic Plan Facility Project Descriptions Forest B Project Description Next

SCH News & Updates Strategic Plan Facility Project Descriptions Forest B Project Description Next Steps Our new strategic plan sets us up for success in a rapidly changing health care environment. It allows us to be

873 views • 36 slides
Project Management and Testing Resource Plan Resource Plan Phases and Milestones Activities and

Project Management and Testing Resource Plan Resource Plan Phases and Milestones Activities and

Project Management and Testing Resource Plan Resource Plan Phases and Milestones Activities and Deliverables Budget and Resources 1 Project Plan Project Plan Introduction - Goal Organization Phases and Milestones Activities and

530 views • 30 slides
Role Interpreter Presentation I Kyle Hill Agenda Project Overview Project Requirements

Role Interpreter Presentation I Kyle Hill Agenda Project Overview Project Requirements

GMoDS-based Runtime Agent Role Interpreter Presentation I Kyle Hill Agenda Project Overview Project Requirements Project Plan Cost Estimation Architecture Elaboration Plan SQA Plan Initial Prototype Demonstration

432 views • 15 slides
My Project By- Dylan chapley Planning process I started to plan my project about a week after

My Project By- Dylan chapley Planning process I started to plan my project about a week after

My Project By- Dylan chapley Planning process I started to plan my project about a week after getting back from camp, the original plan was to help improve my community by fixing and cleaning up/ - After I realised it would be too hard to do

666 views • 9 slides
Project Plan and Progress Presentation Project Partner: TexProtects Project Name: TexProtects

Project Plan and Progress Presentation Project Partner: TexProtects Project Name: TexProtects

Project Plan and Progress Presentation Project Partner: TexProtects Project Name: TexProtects Tutorials Team Introduction Jacob Lancaster Mauhib Iqbal Role: Project Leader Role: Project Manager Field: Computer Science Field: Computer

384 views • 17 slides
Comprehensive Plan Summary A proposed amendment to the Boulder County Comprehensive Plan One of

Comprehensive Plan Summary A proposed amendment to the Boulder County Comprehensive Plan One of

Allenspark Regional Comprehensive Plan Summary A proposed amendment to the Boulder County Comprehensive Plan One of five Proposals Developed by 747 Community Project Over 75 open publically-announced meetings Project website Project

513 views • 50 slides
Initial Action Plan of Pilot Project (QM-OBS) Initial Action Plan of Pilot Project (QM OBS) and

Initial Action Plan of Pilot Project (QM-OBS) Initial Action Plan of Pilot Project (QM OBS) and

Initial Action Plan of Pilot Project (QM-OBS) Initial Action Plan of Pilot Project (QM OBS) and Workshop Structure Workshop Structure Coordinator of the Pilot project (QM-OBS) Hakaru MIZUNO (Japan Meteorological Agency) 1 Background 14 th

399 views • 12 slides
Development of a Prosumer Driven Integrated Smart Grid Project plan and discussion 28 August

Development of a Prosumer Driven Integrated Smart Grid Project plan and discussion 28 August

Development of a Prosumer Driven Integrated Smart Grid Project plan and discussion 28 August 2018, New Delhi Outline Concept Project Objectives Key Project Deliverables Work Packages and Outcomes Strategic Plan Team

246 views • 22 slides
Site Plan Review Committee #1 May 16, 2019 Verizon Site Project Site Plan #244 Rezoning 400

Site Plan Review Committee #1 May 16, 2019 Verizon Site Project Site Plan #244 Rezoning 400

Site Plan Review Committee #1 May 16, 2019 Verizon Site Project Site Plan #244 Rezoning 400 11th Street South Presentation Outline Land Use and Zoning Site Background Proposal Summary Crystal City Sector Plan Guidance

232 views • 19 slides
ORIO Project Plan Project definition, financial, commercial and economic analyses Content

ORIO Project Plan Project definition, financial, commercial and economic analyses Content

ORIO Project Plan Project definition, financial, commercial and economic analyses Content presentation Components project plan Project definition Why is it important? Financial Sustainability What information is necessary?

146 views • 14 slides
2018-2022 Capital Plan Preliminary Plan: Board Presentation August 28, 2017 1 Project

2018-2022 Capital Plan Preliminary Plan: Board Presentation August 28, 2017 1 Project

Lehigh County Authority 2018-2022 Capital Plan Preliminary Plan: Board Presentation August 28, 2017 1 Project Prioritization Categories Project Category Description Regulatory Required to meet Regulatory requirements New Cust New

465 views • 44 slides
PLAN FOR ASHUELOT RAIL TRAIL A P I L OT P R O J E C T AGENDA Introductions Project

PLAN FOR ASHUELOT RAIL TRAIL A P I L OT P R O J E C T AGENDA Introductions Project

PLAN FOR ASHUELOT RAIL TRAIL A P I L OT P R O J E C T AGENDA Introductions Project Background Project Scope & Timeline Online Questionnaire Discussion Next Meeting (Late July) Adjourn 5/3/2018 Project Advisory

306 views • 19 slides
Name Date Place Extraction in unstructured text Automatically scan machine-readable text to

Name Date Place Extraction in unstructured text Automatically scan machine-readable text to

Name Date Place Extraction in unstructured text Automatically scan machine-readable text to locate name, date, and place information The Problem It's difficult to: Find pertinent information in long documents Make accurate queries

454 views • 14 slides
Chicago International Conference on Education: Guidelines for Poster Preparation Contents:

Chicago International Conference on Education: Guidelines for Poster Preparation Contents:

Chicago International Conference on Education: Guidelines for Poster Preparation Contents: Deadline and format General aim Design and layout specifications Lettering Visuals Text What conference will provide

471 views • 4 slides
LP Tasks & Informa/on Management This presenta,on 1 provides an overview of the services and

LP Tasks & Informa/on Management This presenta,on 1 provides an overview of the services and

LP Tasks & Informa/on Management This presenta,on 1 provides an overview of the services and integra,ons I use to manage my tasks and digital informa,on. Click on the links to learn more about the services featured throughout. You will see

199 views • 9 slides
Presenting a Master Thesis in Electric Pow er System s As a student in the Degree Project course,

Presenting a Master Thesis in Electric Pow er System s As a student in the Degree Project course,

Electric Power Systems Lab EG2 0 1 X DEGREE PROJECT I N ELECTRI C POW ER SYSTEMS 27 September 2011 Presenting a Master Thesis in Electric Pow er System s As a student in the Degree Project course, you will give several oral presentations of

276 views • 4 slides
SPRING GROVE VILLAGE 2.0 NEIGHBORHOOD PLAN KICK-OFF WELCOME! SGV

SPRING GROVE VILLAGE 2.0 NEIGHBORHOOD PLAN KICK-OFF WELCOME! SGV

SPRING GROVE VILLAGE 2.0 NEIGHBORHOOD PLAN KICK-OFF WELCOME! SGV 2.0 PLAN 2 INTRODUCTIONS SGV 2.0 PLAN 3 SGV 2.0: THEN + NOW SGV 2.0 PLAN 4 WHY DO WE NEED A NEIGHBORHOOD PLAN?

393 views • 23 slides
A creditors state law setoff right can be a its setoff rights to reduce its claim against the

A creditors state law setoff right can be a its setoff rights to reduce its claim against the

66CanalCenterPlaza,Suite600Alexandria,VA22314(703)739-0800Fax(703)739-1060www.abi.org LowensteinSandler LowensteinSandler (ABI,2011).

519 views • 3 slides
www.invest.ruhr The first digital platform for real estate for a whole region #EXPO REAL: Europes

www.invest.ruhr The first digital platform for real estate for a whole region #EXPO REAL: Europes

www.invest.ruhr The first digital platform for real estate for a whole region #EXPO REAL: Europes biggest fair for real estate

112 views • 8 slides
Bethels Student Learning Platform 2020-21 Survey data - too many platforms Adopted

Bethels Student Learning Platform 2020-21 Survey data - too many platforms Adopted

Bethels Student Learning Platform 2020-21 Survey data - too many platforms Adopted platform use Bethel Virtual Academy All Secondary students for both Blended & Remote Learning Needed platform to be flexible in the

294 views • 5 slides

More recommend