Using maths to combat malware


The number of challenging problems that rely on maths to find a solution is growing all the time.

A Federation University Australia researcher is using complex mathematics to help in the battle against cybercrime, teaming up with the university’s Internet Commerce Security Lab (ICSL) to develop algorithms that can detect malware in computer systems and networks.

Professor of Optimisation Adil Baghirov, who was awarded an Australian Research Council Discovery Grant, is also developing new methods to solve large problems across different sectors, including water management systems and in artificial intelligence.

Malware, or malicious software, is used by criminals to steal information, money, or a computer’s resources, and can attack computers and networks in several ways. These include trojan programs, ransomware – which can make a computer unusable until a fee is paid – keyloggers and viruses, according to the Australian Cyber Security Centre.

A key component of the work is to deploy data mining and artificial intelligence techniques to detect abnormal online behaviour. This could include everyday online banking transactions.

“We are developing algorithms to detect malware activities so a machine can decide on these activities for itself, based on the algorithms and methods. These activities are completely different to normal activities. Internet banking, for example, is something that people do every day but there are others who are trying to get something illegally, so we need to understand these activities and also how to detect them,” Professor Baghirov said.

“In optimisation, large problems have a large number of variables and there may be complex functions, as well as many constraints. These problems are called general nonconvex – with tens of thousands of variables that need to be solved in a reasonable time. Reasonable time can be from a few seconds to a few hours, depending on a computer’s capability and requirements.

“And with global optimisation problems where we are looking for a solution – there may be thousands of different solutions, but we want to find the best solution. This is a big challenge as there are many problems in data mining or artificial intelligence, and there are also many people working in this area.”

The rate of cybercrime continues to accelerate across the world, with online attacks ranging from those targeting individuals to highly sophisticated attacks on large corporations and governments. The global pandemic has also increased the risks for many people who migrated from their offices to work from home, in some cases with their own IT equipment that may have been vulnerable to an attack.

Professor Baghirov said the challenge for cybersecurity experts has been to stay ahead of the criminals. He said the most common feature of these attacks was that they were all different to ‘normal’ online behaviour.

“The evolution of these activities is a big problem. Today you could develop an algorithm to detect certain activities but tomorrow there will be a completely different approach, so you have to develop algorithms that can detect those as well,” Professor Baghirov said.

“Existing algorithms can compare and identify abnormal activities and notify a machine that comes across this behaviour to stop. But if that activity is not represented in an algorithm, it will simply go ahead.

“So we have to develop algorithms to detect those new attacks because these can have a huge impact. Cybersecurity is becoming very important for any country and governments are investing more money in this area to protect these systems and networks.” Professor Adil Baghirov

Professor Baghirov said the number of challenging problems that relied on complex optimisation to find a solution was growing all the time.

“Science, like biology, is becoming a source of very complex problems, mathematical problems – consider the huge number of genes and how they interact with each other. And technology like artificial intelligence is everywhere. We go to the airport and photos are taken of our faces, which are then run through a database to check for people who are wanted by the authorities,” Professor Baghirov said.

“So all of these problems are relying on mathematics to solve these problems. When we have new problems, we consider the algorithms that we have used before but these can’t always be applied so easily. Either we have to modify them or we have to develop completely new ones.”