UGA's recently established Institute for Cybersecurity and Privacy uses anti-malware software developed by the institute’s network security expert, associate professor of computer science Roberto Perdisci, to detect malware downloads on its own networks, a model other institutions are beginning to follow:
“Your antivirus software installed on your computer to protect against malware attacks will always be behind,” Perdisci says. Such software scans downloads for malicious code, but cybercriminals have found ways to disguise malware as legitimate-looking code, enabling them to evade traditional security measures. “I’m not saying the antivirus products are useless—they’re not useless—but they’re much less useful than they used to be.”
That’s why he created AMICO, the open-source software system that analyzes where downloads are sourced from online and detects malware downloads with startling accuracy, flagging 95 percent of malicious downloads on a network serving tens of thousands of users and alerting network security personnel to malware other defenses missed.
Grants from the Department of Homeland Security and the National Science Foundation are helping take AMICO to the next level by bringing the software to a wider market than just institutes of higher education.
The goal for Perdisci is to make the internet a more secure place.
“Ideally,” he says, “users may not even notice that we’ve done something to improve cybersecurity because they will just go about their business without having to deal with malware infections, not having to deal with scams, not having to deal with anything else that is a potential threat.”
Perdisci's work allows the university and our computer science department to be out in front of an emerging issue, providing leadership, training and security innovations for government and private industry.