Using malware persistence diagrams to classify unknown software
Cybersecurity experts use a variety of approaches to detect and counter malware threats. One of these is the use of signatures, or known patterns of behavior, that indicate a specific piece of malware. However, modern malware employs sophisticated techniques to evade such signature-based detection. This is where topological data analysis (TDA) and its associated method of persistent homology can provide a significant edge.
To further expand on the example given: persistent homology creates a topological summary of high-dimensional data in the form of a persistence diagram. This diagram shows the “birth” and “death” of topological features, such as clusters and loops, as we vary the scale. By observing these diagrams, we can identify certain recurring patterns or “persistent features” that are commonly seen in the persistence diagrams of known malware.
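To make "birth" and "death" concrete, the following added example (not code from the original article) computes the simplest persistence diagram, the one for clusters (connected components, H0), by growing the scale and recording when components merge. The points are constructed stand-ins for feature vectors extracted from software samples, and the function names are hypothetical; loops (H1) are not covered.

```python
import math
from itertools import combinations

def h0_persistence(points):
    """(birth, death) pairs for connected components of a Vietoris-Rips
    filtration: every point is born at scale 0, and a component dies at
    the scale where it merges into another one."""
    parent = list(range(len(points)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]  # path halving
            i = parent[i]
        return i

    # Growing the scale is equivalent to adding edges shortest-first.
    edges = sorted(
        (math.dist(points[i], points[j]), i, j)
        for i, j in combinations(range(len(points)), 2)
    )
    diagram = []
    for scale, i, j in edges:
        ri, rj = find(i), find(j)
        if ri != rj:                       # two components merge here
            parent[ri] = rj
            diagram.append((0.0, scale))   # one of them dies at this scale
    diagram.append((0.0, math.inf))        # the last component never dies
    return diagram

def persistent_features(diagram, min_lifetime):
    """Keep features whose lifetime (death - birth) is long enough to be
    treated as structure rather than noise."""
    return [(b, d) for b, d in diagram if d - b >= min_lifetime]

# Constructed sample: two tight groups of three feature vectors each.
SAMPLE = [(0.0, 0.0), (0.1, 0.0), (0.0, 0.1),
          (5.0, 5.0), (5.1, 5.0), (5.0, 5.1)]

if __name__ == "__main__":
    for birth, death in h0_persistence(SAMPLE):
        print(f"birth={birth:.2f} death={death:.4f}")
    print("persistent:", persistent_features(h0_persistence(SAMPLE), 1.0))
```

Four components die near scale 0.1 (noise within each group), while two survive far longer; those two long-lived points in the diagram are the "persistent features" that would be compared across samples.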
Take, for instance, a certain...