Christopher Kruegel received the 2008 National Science Foundation Early Career Development (CAREER) award. CAREER awards, given to future academic leaders, are NSF’s most prestigious grants for young scholars. The award provides support for research in the amount of 400K dollars over a five-year period. Prof. Kruegel becomes the 17th NSF CAREER Award winner in our department.
Prof. Kruegel’s award is titled “Toward Eliminating Malicious Code.” Malicious software, or malware, is one of the most pressing security problems facing the Internet today. To overcome the shortcomings of current malware detection and mitigation approaches, the goal of the project is to develop a novel malware defense system that is general enough to characterize and detect a wide variety of malicious programs and that can quickly react to new malware families. This system will automatically generate detection models based on the observation of the execution of malware programs. That is, the system will execute and monitor a new malware program in a controlled analysis environment. Based on this observation, the system will identify the behavior that reflects malicious activity. This program behavior is then automatically translated into efficient detection models that operate both at the host and the network level. As a result, it needs significantly more effort for attackers to craft new malware variants than for defenders to respond.