Using Knowledge Graphs and Reinforcement Learning for Malware Analysis
| dc.contributor.author | Piplai, Aritran | |
| dc.contributor.author | Ranade, Priyanka | |
| dc.contributor.author | Kotal, Anantaa | |
| dc.contributor.author | Mittal, Sudip | |
| dc.contributor.author | Narayanan, Sandeep Nair | |
| dc.contributor.author | Joshi, Anupam | |
| dc.date.accessioned | 2020-12-10T19:31:01Z | |
| dc.date.available | 2020-12-10T19:31:01Z | |
| dc.description | IEEE International Conference on Big Data 2020 | |
| dc.description.abstract | Machine learning algorithms used to detect attacks are limited by the fact that they cannot incorporate the background knowledge that an analyst has. This limits their suitability in detecting new attacks. Reinforcement learning is different from traditional machine learning algorithms used in the cybersecurity domain. Compared to traditional ML algorithms, reinforcement learning does not need a mapping of the input-output space or a specific user-defined metric to compare data points. This is important for the cybersecurity domain, especially for malware detection and mitigation, as not all problems have a single, known, correct answer. Often, security researchers have to resort to guided trial and error to understand the presence of a malware and mitigate it. In this paper, we incorporate prior knowledge, represented as Cybersecurity Knowledge Graphs (CKGs), to guide the exploration of an RL algorithm to detect malware. CKGs capture semantic relationships between cyber-entities, including that mined from open source. Instead of trying out random guesses and observing the change in the environment, we aim to take the help of verified knowledge about cyber-attack to guide our reinforcement learning algorithm to effectively identify ways to detect the presence of malicious filenames so that they can be deleted to mitigate a cyber-attack. We show that such a guided system outperforms a base RL system in detecting malware. | en_US |
| dc.description.sponsorship | The authors would like to thank Dr. Mahmoud Abdelsalam and Dr. Maanak Gupta for the dataset used in this work. This work was supported by a United States Department of Defense grant, a gift from IBM research, and a National Science Foundation (NSF) grant, award number 2025685. | en_US |
| dc.description.uri | https://ebiquity.umbc.edu/paper/html/id/960/Using-Knowledge-Graphs-and-Reinforcement-Learning-for-Malware-Analysis | en_US |
| dc.format.extent | 8 pages | en_US |
| dc.genre | conference papers and proceedings preprints | en_US |
| dc.identifier | doi:10.13016/m2fgcw-n1ui | |
| dc.identifier.citation | Aritran Piplai, Priyanka Ranade, Anantaa Kotal, Sudip Mittal, Sandeep Nair Narayanan, and Anupam Joshi, Using Knowledge Graphs and Reinforcement Learning for Malware Analysis; IEEE International Conference on Big Data 2020 | en_US |
| dc.identifier.uri | http://hdl.handle.net/11603/20231 | |
| dc.language.iso | en_US | en_US |
| dc.publisher | IEEE | |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | |
| dc.rights | © 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | |
| dc.subject | reinforcement learning | en_US |
| dc.subject | knowledge graphs | en_US |
| dc.subject | cybersecurity | en_US |
| dc.subject | artificial intelligence | en_US |
| dc.subject | UMBC Ebiquity Research Group | |
| dc.title | Using Knowledge Graphs and Reinforcement Learning for Malware Analysis | en_US |
| dc.type | Text | en_US |
Files
License bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- license.txt
- Size:
- 2.56 KB
- Format:
- Item-specific license agreed upon to submission
- Description: