Syracuse Researcher Wins NSF Career Award For Malware Research

PRESS RELEASE

Heng Yin, assistant professor of computer science in the L.C. Smith College of Engineering and Computer Science at Syracuse University, has been awarded the prestigious Faculty Early Career Development (CAREER) award by the National Science Foundation (NSF) for his proposal “Binary and Virtualization Centric Malware Defense.” This grant of nearly $550,000 will support Yin’s research over five years in the area of analyzing and building defenses against malware (malicious software).

yinThe CAREER Program is a foundation-wide activity that offers the NSF’s most prestigious awards in support of the early career-development activities of those teacher-scholars who most effectively integrate research and education within the context of the mission of their organization.

“The endless arms race between malware defenders and attackers resembles the fight between the cat and the mouse in the famous ‘Tom and Jerry’ cartoon series,” says Yin. “Sadly enough, malware defenders, just like Tom, often lose the game.”

In the study of malware protection, the primary objective is to defeat the malware and protect the operating system from attack. To fulfill this objective, Yin takes two research thrusts: online protection and offline analysis. The online protection entails exploring ways to prevent malware from impacting a system or developing defenses that more accurately detect malicious code. The offline analysis is where exploration of how the malware affects a system is conducted.

Yin likens these discrete defense mechanisms to going through airport security: online protection includes screening someone as they go through the security check points, and offline analysis is doing background checks on someone who has been identified as a potential threat and has been detained.

Yin’s research proposes beginning with offline malware analysis. By using a new sandbox technique that can isolate a malicious code module using virtual techniques, Yin can analyze the binary code created by the malware and work to understand the impact it has on a system. Ultimately, the goal is to be able to extract knowledge about how the malware works to develop better defenses in the online environment.

“Dr. Yin is an extraordinarily talented researcher whose work is characterized by systemic analyses at multiple levels,” says Chilukuri Mohan, professor and chair of the Department of Electrical Engineering and Computer Science (EECS). “He and other EECS faculty have developed a top-ranking reputation for cybersecurity research and education at Syracuse University. In addition to exploring ways to defend operating systems against malware, Yin is committed to using his research to improve the opportunities for students at LCS. He hopes to engage both undergraduate and graduate students in his research, as well as introduce a course in virtualization for computer science students.”

“I feel so honored to receive this award on my very first attempt. I am so passionate about this work and will make my best effort to fulfill my proposed research and education plan,” says Yin.

This is Yin’s second NSF award since completing his Ph.D. in 2009. In August 2010, Yin was awarded $427,000 for his grant proposal “Mining Operating System Semantics: Techniques and Applications.”