SHARON, Pa. — Penn State Shenango Assistant Professor of Cybersecurity Dima Rabadi presented at the 58th Hawaii International Conference on System Sciences (HICSS) in Hawaii in early January. Rabadi’s research paper, titled “BERT-Cuckoo15: A Comprehensive Framework for Malware Detection Using 15 Dynamic Feature Types,” was included in the conference’s “Cybersecurity in the Age of AI” track.
According to the FBI's 2023 Internet Crime Report, different types of malware comprised the top-reported cybercrimes in the United States four years in a row. Due to constantly evolving malware strategies, Rabadi said she was interested in exploring dynamic, rather than static, detection techniques.
Malware is software designed to disrupt, damage or gain unauthorized access to a computer system. The research, and topic of the presentation, focused on malware detection and the challenges faced by existing techniques to identify complex malware behavior. Rabadi, along with co-authors Jia Yi Loo and Sin G. Teo, both from the Institute for Infocomm Research in Singapore, introduced a malware detection model that leverages Bidirectional Encoder Representations from Transformers (BERT). The model analyzes, processes and encodes diverse features of information into more manageable chunks, allowing for contextual information to be gathered from across different activities within the software.
After the team gathered more than 36,000 samples across nine different malware types, its BERT-Cuckoo15 model was accurate in detecting malware nearly 98% of the time, outperforming traditional machine learning models.
According to Rabadi, this is the first instance of integrating multiple approaches — including feature extraction, chunk aggregation and advanced contextual embeddings from BERT's natural language processing capabilities — for malware detection. She said she believes this approach paves the way for future research in the field, offering a strong foundation for combining natural language processing models with cybersecurity applications, particularly in malware analysis.
“Sharing my work with experts and peers was an inspiring experience,” Rabadi said. “Connecting with industry leaders, faculty and [doctoral] students from across the globe, sharing our experiences, challenges and achievements reminded me of the power of community and collaboration.”