Charles River Analytics and Assured Information Security have partnered to develop a machine learning-based anomaly identification framework to support the Defense Advanced Research Projects Agency’s efforts to improve detection of the Trojan computer virus.
The Cambridge, Mass.-based company said Tuesday it will lead research and development activities for the initiative as part of DAPRPA’s Safeguards against Hidden Effects and Anomalous Trojans in Hardware program.
The team’s Trojan detection framework, known as Fuzzing Automatically to Locate Compromised Hardware with Isolation to Omit Noise, is meant to detect a wide range of Trojan types that alter hardware and pose risks to sensitive applications.
Charles River Analytics said it intends to apply its ML experience as well as its expertise in probabilistic modeling and anomaly detection as part of the effort.
Dan Mitchell, a senior software engineer at the company, said the team wants to address limitations in current detection techniques that render high false-alarm rates and deploy concepts such as hypervisor-based anomaly isolation to develop FALCHION.
The framework will primarily focus on Trojans that attack devices under the Peripheral Component Interconnect Express interface standard, according to Charles River Analytics.