new technologies to address “malicious software”

Preventing malware attacks before they can happen has been a top priority for the Department of Homeland Security (DHS) Science and Technology Directorate’s (S&T) Cyber Security Division (CSD), which has been developing two new technologies to address “malicious software”.

The two technologies, AMICO and ZeroPoint, aim to send malware alerts in real time, classify malware for future attacks and inspect data to identify what the malware aims to do, and stop it before it does harm.

S&T Cyber Security Division Director Douglas Maughan said that it is their aim to work with private sector partners to protect the nation’s infrastructure systems and commercial marketplaces, and added: “Showcasing and, most importantly, transitioning these technologies into the commercial market will be impactful to all organizations engaged in securing cyberspace and protecting various organizations such as government, public utilities and healthcare.”

Additionally, the directorate said, “CSD is working with several malware detection technologies through its Transition to Practice (TTP) program, which identifies government-funded technologies being developed in the lab that have the potential to improve the nation’s cybersecurity posture.”

In 2015, S&T introduced the two technologies, which join three of TTP’s existing technologies in addressing malware. CSD will introduce one of these solutions at the TTP technology demonstration in Santa Clara, California on June 9.

One of these technologies is the Federated Malware Analysis System (FMAS), a CSD-funded technology aimed at countering the strengths of a malware attacker. Many malware analysis solutions ‘cluster’ malware behaviors into ‘families’, which makes the malware somewhat easier to detect. The FMAS tools, however, are used to detect malware based on how it responds in a certain environment.