Anti-malware program developed at UGA used to keep campus secure

Perdisci, Roberto

March 12, 2015

James Hataway

James Hataway

Public Relations Coordinator

Recent and archived articles by James Hataway

Division of Marketing & Communications
Work: 706-542-6927

Roberto Perdisci

Roberto Perdisci

Assistant Professor

Computer Science
Franklin College of Arts and Sciences
Work: 706/542-2911


  • magnify Perdisci, Roberto

    Roberto Perdisci is an assistant professor of computer science in the Franklin College of Arts and Sciences.

Scroll Left 1 Scroll Right

Related Sites

Athens, Ga. - An anti-malware program developed by researchers at the University of Georgia is helping to keep campus computers safe, and it may also prove useful for other institutions that want to protect sensitive information from cybercriminals.

Roberto Perdisci, an assistant professor of computer science at UGA, and his students call their program AMICO, which means "friend" in Italian, a subtle reference to Perdisci's Italian roots. AMICO works by automatically analyzing the origin of every executable file downloaded on the UGA computer network in real time to determine if it might be dangerous.

"AMICO is unique because it doesn't actually look at the contents of the downloaded files," Perdisci said. "Other malware programs scan files to see if they contain computer code that might be malicious, but our program looks at patterns associated with a file's origin site and determines whether it is dangerous based on data we have collected about that site in the past."

The AMICO software also automatically creates an anonymous tag for machines that download potentially harmful files, and it does not store any personal information about individual users.

"AMICO does not need to know who downloaded the file; it only knows if there is a potential threat to a computer on our network," Perdisci said. "If a threat is detected, this information is passed to UGA's Information Security team."

The annual cost of cybercrime and economic espionage is more than $445 billion worldwide, according to estimates from the Center for Strategic and International Studies, a Washington-based think tank.

UGA's Office of Information Security has used AMICO alongside other commercially available security programs for more than two years, and it has provided them with an extra layer of security for all users across campus.

"We have about 100,000 devices on our campus, and AMICO is able to catch problems that our other tools are missing," said Christopher Workman, associate director of information security at UGA. "It's been invaluable, and we absolutely love it."

The AMICO project, which stands for Accurate Malware Identification by Classification of live network traffic Observations, has been funded by the National Science Foundation, and is the result of a long-standing collaboration between Perdisci and Kang Li, a professor of computer science at UGA. AMICO is completely open source, so large communities of programmers and security experts are able to comment on and improve the program through online collaborations.

Perdisci and Li also recently received funding from the U.S. Department of Homeland Security to transition the AMICO system to market and to further its adoption beyond UGA. To that effect, the UGA Research Foundation has filed a patent application on AMICO and desires to partner with companies toward the commercial exploitation of this important asset.

"Ultimately, we want to build a large community of developers and users that can improve what we've done so far to make our software ready to deploy to other institutions," Perdisci said. "We've already seen tremendous success on UGA's network, so I know there is value for AMICO outside of our local campus as well."


Filed under: Culture / Living, Business / Economy, University News, Funding and Licensing

Media Relations

Executive Director for Media Communications
Greg Trevor

706 / 542-8025
Executive Editor for Media Relations
David Bill

706 / 542-9150
Media Relations Coordinator
Sara Freeland

706 / 542-8077
Media Relations Coordinator for Broadcast
Melissa Jackson

706 / 542-8089

Open Records

Open Records Manager
Bob Taylor

706 / 542-8095