"LSU Researchers Use AI to Track Cybercrime in Louisiana and Beyond"

Cybersecurity experts at Louisiana State University (LSU) are developing HookTracer, a new tool that uses Artificial Intelligence (AI) to reveal known and unknown cybercriminals and cybercrime. Investigators, such as the Louisiana State Police's Cybercrime Unit, can use HookTracer to stop or at least understand and mitigate cyberattacks. HookTracer focuses on Application Programming Interface (API) hooks, which are used by both good and bad programs to tell operating systems what to do so that they can work efficiently and effectively. APIs connect computers or pieces of software so they can work better together. Their purpose is to hide the internal workings of a system, exposing only the parts that a regular user would care about. If a computer program appears intuitive and simple to use, it is because significant complexity has been engineered to be invisible to the user. However, this convenient obfuscation provides hackers with numerous opportunities. As new versions of software and hardware are released, cybercrime investigators face constantly shifting targets. Previous memory forensics research at LSU has addressed the problem of detecting the presence of API hooks, but a related issue is that they have been using heuristics to distinguish between benign and malicious hooks, according to Professor Golden G. Richard III, director of the LSU Applied Cybersecurity Lab. When malware changes its behavior, malicious hooks may be marked as benign and thus not examined by an investigator. To address the complexity and sometimes subtle differences between hardware, software, and malware combinations, the LSU cybersecurity researchers behind HookTracer are using AI to assist investigators in identifying cyberattacks that may not exactly match with other and previously known attacks but are similar in meaningful ways. The LSU researchers are working to make HookTracer flexible and explainable, which are essential features in memory forensics and data security with legal implications. HookTracer's multi-level attention network, a desirable feature of AI developed by the LSU team, allows the tool to shift its focus based on what it is learning in relation to previous experience and then communicate its revised priorities to investigators. This article continues to discuss the purpose and capabilities of the HookTracer tool developed by LSU cybersecurity experts. 

LSU reports "LSU Researchers Use AI to Track Cybercrime in Louisiana and Beyond"