Malware Analysis Using Artificial Intelligence and Deep Learning

​This book is focused on the use of deep learning (DL) and artificial intelligence (AI) as tools to advance the fields of malware detection and analysis. The individual chapters of the book deal with a wide variety of state-of-the-art AI and DL techniques, which are applied to a number of challenging malware-related problems. DL and AI based approaches to malware detection and analysis are largely data driven and hence minimal expert domain knowledge of malware is needed.

This book fills a gap between the emerging fields of DL/AI and malware analysis. It covers a broad range of modern and practical DL and AI techniques, including frameworks and development tools enabling the audience to innovate with cutting-edge research advancements in a multitude of malware (and closely related) use cases.

Mark Stamp has extensive experience in information security and machine learning, having worked in these fields within academic, industrial, and government environments. After completing his PhD research in cryptography at Texas Tech University, he spent more than seven years as a cryptanalyst with the United States National Security Agency (NSA), followed by two years developing a digital rights management product for a Silicon Valley start-up company. Since 2002, Dr. Stamp has been a Professor in the Department of Computer Science at San Jose State University, where he teaches courses in machine learning and information security. To date, he has published more than 140 research papers, most of which deal with problems at the interface between machine learning and information security. Dr. Stamp served as co-editor of the Handbook of Information and Communication Security (Springer, 2010), and he is the author of four books, including a popular information security textbook(Information Security: Principles and Practice, 2nd edition, Wiley, 2011) and, most recently, a machine learning textbook (Introduction to Machine Learning with Applications in Information Security, Chapman and Hall/CRC, 2017).

Mamoun Alazab received his PhD degree in Computer Science from the Federation University of Australia, School of Science, Information Technology and Engineering. He is currently an Associate Professor in the College of Engineering, IT and Environment at Charles Darwin University, Australia. He is a cyber-security researcher and practitioner with industry and academic experience. Dr. Alazab's research is multidisciplinary, with a focus on cyber security and digital forensics of computer systems, including current and emerging issues in the cyber environment, such as cyber-physical systems and the Internet of Things. His research takes into consideration the unique challenges present in these environments, with an emphasis on cybercrime detection and prevention. He has a particular interest in the application of machine learning as an essential tool for cybersecurity, examples of which include detecting attacks, analyzing malicious code, and uncovering vulnerabilities in software.  He is the Founder and the Chair of the IEEE Northern Territory Subsection (February 2019 - present), a Senior Member of the IEEE, Cybersecurity Academic Ambassador for Oman's Information Technology Authority (ITA), and Member of the IEEE Computer Society's Technical Committee on Security and Privacy (TCSP). In addition, he has collaborated with government and industry on many projects, including work with IBM, Trend Micro, Westpac, the Australian Federal Police (AFP), the Australian Communications and Media Authority (ACMA), Westpac, UNODC to name a few.

Andrii Shalaginov is a Researcher in Information Security and Digital Forensics at the Department of Information Security and Communication Technology, Faculty of Information Technology and Electrical Engineering, Norwegian University of Science and Technology (NTNU). Dr. Shalaginov was awarded the PhD degree in Information Security from NTNU in February 2018. During the last decade, Dr. Shalaginov's focus has been on the fields of cybercrime investigation and intelligent malware detection. His primary expertise is in static and dynamic malware analysis, development of machine learning-aided intelligent computer virus detection models, and similarity-based categorization of cyberattacks in the Internet of Things. Further, Dr. Shalaginov has worked as a security researcher for UNICRI/EUIPO on malware analysis for copyright-infringing websites. He was nominated as a representative from Norway at COST Action CA17124 "DigForAsp - Digital forensics: evidence analysis via intelligent systems and practices". In 2018, Dr. Shalaginov, together with his NTNU team, received an award for first place in the "Future of Smart Policing" hackathon competition sponsored by INTERPOL (Singapore). Dr. Shalaginov also holds a second Master's Degree in Information Security (Digital Forensics) from Gjøvik University College (GUC), and he received BSc and MSc degrees in System Designing from the National Technical University of Ukraine "Kyiv Polytechnic Institute", Department of Computer-Aided Design. Finally, Dr. Shalaginov is LE-1/LPIC-1 certified and has extensive industry experience, including work at Samsung R&D Center.