Bahria University

Discovering Knowledge

Dr. Tamim Ahmed Khan

PhD Theme/Topic: A Novel Obfulsifier Framework to Detect, Test and Effectively Prevent Intrusion of Obfuscated Android Malware

Supervisor: Dr. Tamim Ahmed Khan, Sr. Professor
Contact #: 0346-5340804
Email:
Campus/School/Dept: BSEAS H-11/SE
RAC Approved Supervisor for Research Areas:

Supervisory Record:
PhD Produced: 04
PhD Enrolled: 01
MS/MPhil Produced: 61
MS/MPhil Enrolled: 04

 

Topic Brief Description: 

Software and systems security requirements have grown in importance with the increasing use of mobile devices for accessing data over the internet. A noticeable volume of sensitive data, such as personal information, financial transaction records, and organizational data, bears the potential for misuse and needs up-to-date security arrangements. Mobile application development has grown rapidly. Attackers have found ways to bypass security frameworks and classifiers despite advancements in classification and detection mechanisms. This has created a requirement that systems differentiate between permissible and malicious data access. The use of undocumented or malicious libraries and APIs for development purposes has made the situation worse. Not only is the user's security at stake; the integrity and reliability of development companies and developers are also affected. Testing and implementing security requirements are the keys to addressing the issue. Static attacks are those that may sustain their behavior, whereas dynamic attacks are those that may modify their approach of attack as and when required. Obfuscation is a method of hiding coding strategy. It is a technique used to make source code meaningless and difficult to comprehend and interpret. Despite its positive use for security, malware experts also take advantage of this amazing technique. Malware experts use different obfuscation and mutation techniques to deceive detectors. Hence, there is a need to review existing research that has suggested solutions for the obfuscated malware situation. We intend to devise frameworks and techniques that support detection of conventional and unconventional malware, attacks, and vulnerabilities by identifying system behavior on variants. We plan to propose a technique that helps developers build an auto-learnable detector.
Such detectors would be more resilient against unknown obfuscated samples or the mutated variant of the original family of malware and they would be able to handle zero-day attacks more appropriately. 

Research Questions:

  1. RQ 1.  How can obfuscated malware and its behavioral data help improve detection mechanisms?
  2. RQ 2.  How effectively can AI be used for the generation of family-based mutated variants?
    1. How are mutated samples of malware similar to fake samples created by the adversarial network?
    2. Can the limitation of a data sample of a variant be overcome when training against obfuscated samples?
    3. How effective are the AI-biased samples for enhancing detectors' efficiency?
  3. RQ 3.  How can obfuscated malware data help in dynamically improving fault/malware prediction by using auto-learning detectors?

Research Objectives/Deliverables:

  1.  To study obfuscated malware behavior and associated datasets.
  2.  To develop generative variants of misuse cases so that the model is improved accordingly, and to study the relation between the working of actual malware and the working of its variants.
    • To examine the performance of the GAN-generated data set on a deep learning malware detection solution for Android and to examine the indicated features of obfuscated malware.
    • To differentiate between mutation and training by fake samples.
  3. To develop machine learning models to be used for fault prediction and to develop counterexamples.

Candidate’s Eligibility Profile:

  1. The applicant must have an MS/MPhil/Equivalent degree in software engineering / computer science with CGPA > 3.0. Besides, applicants must have a strong background in mathematics, optimization theory and related fields.
  2. Experience with programming languages such as Python is advantageous. Candidates should have excellent communication skills to actively contribute to team research efforts.
  3. Proficiency in spoken and written English is essential. We value independence and responsibility while promoting teamwork and collaboration among colleagues.