Ben-Gurion University develops new anti-malware methodology
Ben-Gurion University of the Negev (BGU) Malware Lab researchers have developed a new method to detect unknown, malicious emails that is more accurate than the most popular antivirus software products. Email messages are widely used by attackers to deliver dangerous content to a victim, such as attachments or links to malicious websites.
“Existing email analysis solutions only analyze specific email elements using rule-based methods, and don’t analyze other important parts,” says Dr. Nir Nissim, head of the David and Janet Polak Family Malware Lab at Cyber@BGU, and a member of the Department of Industrial Engineering and Management. “Moreover, existing antivirus engines primarily use signature-based detection methods, and therefore are insufficient for detecting new, unknown malicious emails.”
This method, called Email-Sec-360°, was developed by Aviad Cohen, a Ph.D. student and researcher at the BGU Malware Lab. The research, published in the exclusive scientific journal Expert Systems with Applications, is based on machine learning methods and leverages 100 general descriptive features extracted from all email components, including the header, body and attachments. The methodology does not require internet access, so it can be deployed by individuals and organizations, and it provides enhanced threat detection in real time.
For their experiments, the researchers used a collection of 33,142 emails (12,835 malicious and 20,307 benign) obtained between 2013 and 2016. They compared their detection model to 60 industry-leading antivirus engines as well as previous research, and found their system outperformed the next best antivirus engine by 13 percent, significantly better than products such as Kaspersky, McAfee and Avast.
“In future work, we are extending our research and integrating analysis of attachments such as PDFs and Microsoft Office documents within Email-Sec-360°, since these are often used by hackers to get users to open and propagate viruses and malware,” Dr. Nissim says. “These analysis methods have already been developed by the David and Janet Polak Family Malware Lab at BGU.”
The Malware Lab researchers are also considering developing an online system that evaluates the security risk posed by an email message. It would be based on advanced machine learning methods and allow users worldwide to submit suspicious email messages and instantly obtain a maliciousness score and a recommendation on how to treat the email. In addition, the system would assist in collecting benign and malicious emails for research purposes which, due to privacy issues, is currently a very difficult task for researchers in this arena.
The research team includes Aviad Cohen’s academic advisors, Dr. Nir Nissim, the head of the Malware Lab, and Prof. Yuval Elovici, the director of the Telekom Innovation Labs@BGU, and of Cyber@BGU. — From Ben Gurion University of the Negev
*
Leonard Bernstein centennial exhibition on view through September 2 in Philadelphia
The special exhibition “Leonard Bernstein: The Power of Music” is on view through September 2 at the National Museum of American Jewish History (NMAJH) in Philadelphia. The first large-scale museum exhibition to illustrate the famed conductor and composer’s life, Jewish identity, and social activism, “Leonard Bernstein: The Power of Music” features approximately 100 historic artifacts—from Bernstein’s piano and conducting suit to family heirlooms—along with original films and immersive sound installations. The exhibition is part of the worldwide centennial celebration of Bernstein’s birthday.
The exhibition explores how Bernstein’s approach to music was informed by the political and social crises of his day. Bernstein used the arts to express the restlessness, anxiety, fear, and hope of an American Jew living through World War II and the Holocaust, the Vietnam War, and turbulent social change that shook his faith: in God, in humanity, and in government. The exhibition focuses on what Bernstein referred to as his “search for a solution to the 20th‐century crisis of faith” and how he confronted this “crisis” by breaking racial barriers in his casting decisions for On the Town (1944), addressing America’s changing ideas about race and ethnicity in West Side Story, and giving a voice to the human rights crisis during the Vietnam era in his provocative theater piece, MASS (1971), as examples.
“Leonard Bernstein: The Power of Music” brings together approximately 100 original artifacts, some never-before-exhibited in public. Among them are an annotated copy of Romeo and Juliet used for the development of West Side Story, the program for his Carnegie Hall debut, his conducting suit, his easel used for studying scores and composing, and much more. Bernstein’s Jewish heritage, so deeply ingrained in him by his parents and so intricately woven through his life and work, will be conveyed through a number of artifacts, including the mezuzah that hung in his studio, the Hebrew prayer book he carried with him when he traveled, his ketubah (Jewish marriage contract), his family’s Passover seder plate, and the Talmud (book of Jewish law) given to Bernstein by his father. The exhibition also features a variety of films, sound installations, and interactive media. Visitors can hear from Bernstein himself through archival recordings and documentary footage, alongside interviews with those who knew him best. — From National Museum of American Jewish History
*
Magen David Adom utilizing whole blood, type ‘O’ that passes computerized analysis
For the first time in Israel: using whole blood, type “O”, with low antibody titer, to save the injured who are bleeding in the field. The IDF Medicine Corps has led an effort, in cooperation with the team of the Automated Blood Typing Laboratory in MDA Blood Services, headed by Moshe Zadok, and successfully established and verified an automatic computerized method to examine the antibody titer, which allows identifying blood donors whose donated blood units will be used by the IDF Air Evacuation Unit.
The experience of the US military forces during the wars in Iraq and Afghanistan, and research they conducted later on, proved that providing units of type “O” Whole Blood to the injured who are suffering from life-threatening hemorrhage and require blood transfusion in the field is a safe and easy-to-implement approach for the medical rescue teams. The research showed that although the blood units are kept in refrigeration, the platelets in them still keep their function and participate in the coagulation process of the bleeding. This method replaces providing only a red blood cell component and a lyophilized (“dried”) plasma solution.
The problem with providing Whole Blood is that blood units from type “O” donors contain plasma with “Anti A” and “Anti B” types of antibodies, which can cause a reaction in the blood recipient. This can be minimized by finding donors who have a very low level of antibody in their blood, so their units can be transfused to the injured without complications.
The team of the Automated Blood Typing Laboratory in MDA Blood Services managed to establish and validate an automatic and computerized method for testing the antibody titer, which makes it possible to identify blood donors with blood type O who donated blood units that are suitable for supply to the IDF Airborne Evacuation Unit. Until now, only units of red blood cells and lyophilized (“dried”) plasma were used. The special Whole Blood units will be labeled as “Low Titer O Whole Blood (LTOWB)”. Thus, the State of Israel has joined the small group of countries in the world that are already using Whole Blood to save lives. — From Magen David Adom
*
Preceding stories culled from emails sent to editor@sdjewishworld.com