{"683367":{"#nid":"683367","#data":{"type":"event","title":"Ph.D. Proposal Oral Exam - Kevin Valakuzhy","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003ETitle:\u0026nbsp; \u003C\/strong\u003E\u003Cem\u003EReducing Malware Analyst Workload with Semantic Binary Code Filtering\u003C\/em\u003E\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ECommittee:\u0026nbsp;\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003EDr.\u0026nbsp;Monrose, Advisor\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EDr. Blough, Chair\u003C\/p\u003E\u003Cp\u003EDr. Ahamad\u003C\/p\u003E","summary":"","format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003EThe object of the proposed research is to aid malware analysts\u0027 workflows by improving the efficiency and accuracy of binary-code-based analyses. Our approach integrates information from both static and dynamic analysis to identify semantically relevant portions of code. Specifically, we develop a methodology to uncover malware family relationships by locating code responsible for high-level suspicious behaviors observed during execution.\u0026nbsp; By associating binary code with its observed functionality, we enable more efficient code extraction and comparison, producing malware family clusters that better align with expert judgments than existing automated labeling methods, even ones used as ground truth. However, evasive malware can hide suspicious behaviors during dynamic analysis, forcing analysts into time-consuming workflows to uncover hidden behavior. To address these evasion techniques, we show how combining dynamic and static analysis can guide localization of evasion using Large Language Models (LLMs), improving their efficiency and accuracy. Still, analysts must currently intervene to manually bypass evasion techniques. As remaining work, we propose integrating data-flow analysis to reduce the input context for LLM-based systems and evaluate their potential to automatically bypass evasion.\u003C\/p\u003E","format":"limited_html"}],"field_summary_sentence":[{"value":"Reducing Malware Analyst Workload with Semantic Binary Code Filtering"}],"uid":"28475","created_gmt":"2025-07-29 23:02:19","changed_gmt":"2025-07-29 23:02:36","author":"Daniela Staiculescu","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2025-08-05T14:00:00-04:00","event_time_end":"2025-08-05T16:00:00-04:00","event_time_end_last":"2025-08-05T16:00:00-04:00","gmt_time_start":"2025-08-05 18:00:00","gmt_time_end":"2025-08-05 20:00:00","gmt_time_end_last":"2025-08-05 20:00:00","rrule":null,"timezone":"America\/New_York"},"location":"Room 3402, Klaus","extras":[],"groups":[{"id":"434371","name":"ECE Ph.D. Proposal Oral Exams"}],"categories":[],"keywords":[{"id":"102851","name":"Phd proposal"},{"id":"1808","name":"graduate students"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78771","name":"Public"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}