NSF Award
2300405
HBCU-UP’s Research Initiation Awards provide support for STEM faculty to pursue research activities to further their research capabilities and effectiveness and help enhance research and teaching at HBCUs. This project at Alabama State University will conduct research aimed at developing new integrated artificial intelligence (AI)-based models to automatically detect web application logic vulnerabilities and to protect cyberspace from ever-evolving evasive malware-based cyberattacks. Cyberspace is now a foundation of our nation's economy and vital to our national security. The threat posed by cyberattacks is growing and this this initiative represents a new research area (AI-based cybersecurity) at the institution, an HBCU with more than 92% underrepresented minority undergraduates in STEM. This project will improve teaching and learning through the development of innovative methods for incorporating cybersecurity and secure software development methodologies into teaching and undergraduate research projects across multiple STEM disciplines, including but not limited to Computer Science, Mathematics, Biology, and Biomedical Engineering, thus having a broader impact on the STEM majors, their professional development, and retention. This project will expand the nation's cyber security workforce, with a focus on engagement of students from minoritized groups.<br/><br/>Cybercriminals utilize polymorphic malware to avoid antivirus protection by changing the binary code or script. They use trojanized apps, tools, and services to spread highly elusive malware. Evasive malware requires an efficient, resilient, and scalable malware detection mechanism. Modern data processing and malware defense solutions are needed. The goal of the proposed research is to develop an integrated AI-based model to defend against present and future evasive malware attacks. The specific aims of this project are to: 1) elucidate the factors that influence the security and vulnerabilities, 2) develop a new AI-based model for the automatic discovery of malwares through static analysis, 3) develop a new black-box AI-based model for the automatic discovery of malwares strains through dynamic analysis, 4) develop a cybersecurity testbed for training and evaluating cybersecurity operations, 5) providing cybersecurity datasets to researchers, 6) train HBCU undergraduate students in cybersecurity through undergraduate research projects, and 7) improve public cybersecurity awareness through community workshops and outreach events. The project goal will be achieved through a two-stage (static and dynamic analysis) strategy that combines the following AI techniques: graphical neural networks (GNN), fuzzy/similarity hashing (SSDEEP), and bidirectional Mass-Conserving Long Short-Term Memory (biMC-LSTM) deep-learning network. This project's intellectual contribution will consist of 1) two novel AI-based black-box models designed to combat malware evasion tactics, and 2) a revolutionary deep-learning neural network model called bidirectional MC-LSTM, which will help cybersecurity experts predict cyber occurrences and conduct digital forensics on past events, 3) a method for extracting software program behavior from unstructured event records using a graphical deep neural network (GNN). This will assist researchers in identifying similarities between malware families and preventing recurrence of similar events.<br/><br/>This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
