<?xml version="1.0" encoding="UTF-8"?><ns2:project xmlns:ns1="http://gtr.rcuk.ac.uk/gtr/api" xmlns:ns2="http://gtr.rcuk.ac.uk/gtr/api/project" xmlns:ns3="http://gtr.rcuk.ac.uk/gtr/api/fund" xmlns:ns4="http://gtr.rcuk.ac.uk/gtr/api/person" xmlns:ns5="http://gtr.rcuk.ac.uk/gtr/api/project/outcome" xmlns:ns6="http://gtr.rcuk.ac.uk/gtr/api/organisation" ns1:created="2026-06-03T15:52:43Z" ns1:href="http://gtr.ukri.org/gtr/api/projects/B66B68AF-CEEF-421D-9446-D99E489158FC" ns1:id="B66B68AF-CEEF-421D-9446-D99E489158FC"><ns1:links><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/persons/883B3E48-17F2-4C96-A97B-371F9BAB0ECA" ns1:rel="PM_PER"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/3CAA4800-DE30-4FD0-82C5-FED638CABBD8" ns1:rel="LEAD_ORG"/><ns1:link ns1:href="http://gtr.ukri.org/gtr/api/organisations/3CAA4800-DE30-4FD0-82C5-FED638CABBD8" ns1:rel="PARTICIPANT_ORG"/><ns1:link ns1:end="2021-04-29T23:00:00Z" ns1:href="http://gtr.ukri.org/gtr/api/funds/F283574B-8A9A-457D-AD49-B65C4510C780" ns1:rel="FUND" ns1:start="2020-11-01T00:00:00Z"/></ns1:links><ns2:identifiers><ns2:identifier ns2:type="RCUK">84000</ns2:identifier></ns2:identifiers><ns2:title>Classifying Advanced Malware into Families based on Instruction Link Analysis - project name: RAPTOR</ns2:title><ns2:status>Closed</ns2:status><ns2:grantCategory>Collaborative R&amp;D</ns2:grantCategory><ns2:leadFunder>Innovate UK</ns2:leadFunder><ns2:abstractText>Cyber-attacks can cause significant loss of business intelligence and intellectual property, damage to brand reputation and loss of money. The incidence and evolving technical complexity of malware is increasing, and the upsurge of Cybercrime as a Service means less skilled cyber-criminals can buy malware bundles to launch sophisticated attacks and shift into cyberwarfare.

It is not just the reputational damage and the material cost that is impacted by cybercrime. There is an impact on public safety and the quality of life to the public when services such as the NHS are not available. Recently, a new ransomware variant called Ekans has been discovered targeting critical infrastructure. For these systems, which include power generation, water treatment, and hospitals, loss of productivity associated with a ransomware attack can have a devastating impact.

Better malware detection means better protection for end-users. Cyber Security is one of the UK government's strategic priorities, and they have stated that addressing this challenge would have stopped attacks such as WannaCry, following a government report that estimated the ransomware virus caused approximately &amp;pound;19m of lost output and &amp;pound;73m in IT costs to the NHS. Experts have warned that 900 people a year may be dying because of weak NHS computer systems.

RAPTOR seeks to bolster and enhance these systems' current malicious program practices.

The difficulty in identifying and attributing malware poses a significant global risk. Harnessing Artificial Intelligence and Machine Learning, RAPTOR will explore how we can improve both current and future protection from persistent malware and advanced persistent threat (APT) attacks, to create a system that continuously improves detection rates as it is exposed to more data and malware.

This innovation focuses on APT models, the most challenging area of detection and attribution. The ability to use Machine Learning models and algorithms to discern patterns and perform feature extraction relevant to the origin of the malware code is a significant advancement in the development of robust analytical and informative models.

RAPTOR will positively disrupt the malware analysis market, by extending the abilities of systems that are already in place thus protecting against the growing threat of persistent cybercrime to businesses, governments, and citizens and supporting research institutions to better understand how persistent malware behaves.

This will position the UK as leaders in malware analysis and research, bolstering our global reputation in the field of cybersecurity.</ns2:abstractText></ns2:project>