LSU Cyber Warriors Track Computer Crime with AI
September 20, 2022
Fighting Cybercrime with Louisiana State Police
LSU cybersecurity experts are developing a new tool, called HookTracer, to discover cybercrime more effectively using artificial intelligence, or AI. HookTracer can be used by investigators, such as Louisiana State Police’s Cybercrime Unit, to stop—or at least understand—cyberattacks. Whether it’s attempts to disrupt critical energy infrastructure or hold schools and businesses for ransom, Louisiana ranks high on the list of U.S. states most at-risk of cybercrime—in fact, the highest among all Southern states, except Florida.
Cyberattacks can take many forms, but often, hackers insert code that in some way changes normal operations in a computer’s operating system. For example, malware (malicious software) can monitor webcams and microphones, copy data saved to the clipboard, or snoop on whatever is typed on a keyboard—while sneakily covering its own tracks. Both good and bad software can do this, including by the use of hooks, which makes the detection of malware extra difficult.
AI can help investigators identify cyberattacks that might not be an exact match with other and previously known attacks, yet similar in significant ways—perhaps by accessing a certain location in the computer’s memory or following a specific sequence of steps. AI is exceptionally good at discovering “close enough” patterns in large amounts of data, just as deep learning for facial recognition can recognize a person both with and without glasses.
“HookTracer gives our students the ability to quickly develop new malware detection capabilities that can be immediately applied in the field,” said Andrew Case, industry partner in the LSU Applied Cybersecurity Lab.
“A large part of our investigative effort is spent going down rabbit holes to rule out false positives. It’s a labor-intensive effort, even for the most highly trained analysts. That’s why Louisiana State Police always is looking for new tools and methodologies, such as those developed by LSU, to make the process more efficient.”
Devin King, cybercrime analyst with Louisiana State Police