Research Project Title:
Investigating Representations of Malicious PowerShell
Abstract: PowerShell is a popular scripting language amongst malware creators due to its widespread use and access to critical system functions. Attackers can use PowerShell to inject malware directly into memory, enhance obfuscation and evade malware detection software. The upward trend in malicious PowerShell attacks motivates our goal of developing malware classifiers robust to obfuscation. This project studies different representations of code and different types of obfuscations to investigate their influence on the performance of existing malware classifiers and ultimately to determine the representation that minimizes the effect of obfuscation.
"Participating in SuperUROP is a great opportunity for me to keep learning outside of the classroom and gain new skills. This project will introduce me to hands-on program analysis, designing and implementing novel deep learning models, and rigorous data analysis. I am excited to apply my academic knowledge and previous experience to tackle real-world problems awaiting solutions while making a valuable contribution to my research group."