Two new technologies to address “malicious software” have been developed by the Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T) Cyber Security Division (CSD), which has made it a top priority to develop tools to prevent these malware attacks before they can do harm.
“Our aim is to work with our private sector partners to protect the nation’s critical infrastructure systems and commercial marketplace,” said S&T Cyber Security Division Director Douglas Maughan. “Showcasing and, most importantly, transitioning these technologies into the commercial market will be impactful to all organizations engaged in securing cyberspace and protecting various organizations such as government, public utilities and healthcare.”
One of these technologies is the Federated Malware Analysis System (FMAS), a CSD-funded technology S&T said is “aimed at countering the strengths of a malware attacker. Many malware analysis solutions ‘cluster’ malware behaviors into ‘families’ so it is easier. The FMAS tools are used to detect malware based on how they respond in an environment.”
Additionally, the directorate said, “CSD is working with several malware detection technologies through its Transition to Practice (TTP) program, which identifies government-funded technologies being developed in the lab that have the potential to improve the nation’s cybersecurity posture. In 2015, S&T introduced two technologies – that join three of TTP’s existing technologies in addressing malware. CSD will introduce one of these solutions at the TTP Technology Demonstration Day for Investors, Integrators and IT Companies-West in Santa Clara, California June 9.
“We are looking forward to taking these technologies on the road because we know these solutions can impact the cyber landscape that the Department is working to protect,” said S&T Cyber Security Division Transition to Practice Program Manager Michael Pozmantier. “These events allow us to develop partnerships with the cyber-operations and business community—ultimately helping to accelerate transition.”
The two technologies, AMICO and ZeroPoint, both featured in this year’s TTP guide, aim to send malware alerts in real time, classify malware for future attacks and inspect data to identify what the malware aims to do, and stop it before it does harm.
“CodeDNA approaches malware detection using bioinformatics in order to learn the unique attributes of malicious code and find other instances where the code is used. Hyperion, a recently commercialized technology to R&K Cyber Solutions LLC, mathematically calculates the behavior of software allowing companies to thoroughly test and validate their software. MLSTONES also uses bioformatics and quickly categorizes data and compares attributes of the data to determine if it poses a threat,” S&T said in its announcement.
The 2015 TTP guide gives a full listing and description of these technologies. If you have an interest in these or other emerging technologies, read this year’s Transition to Practice Guide or email: ST.TTP@hq.dhs.gov. To learn more about CSD’s research and development projects, visit www.dhs.gov/cyber-research.