A tool to detect and analyse new malware threats in real time, revealing the threat infrastructure and unveiling the key malicious players and networks of the cyber criminals behind them, by:
- Testing and evaluating models that use API calls for detecting malware with Host-based Intrusion Detection Systems (HIDS)
- Testing and evaluating models that use anomaly detection for identifying malware with Network-based Intrusion Detection Systems (NIDS)
- Integrating optimal HIDS and NIDS solutions to evaluate API call detection and anomaly detection together

The project will develop a tool with integrated HIDS and NIDS that identifies zero-day ransomware using API call sequencing and anomaly detection from traffic analysis, enabling security teams to detect and respond to previously undetected threats.