Overview
Explore the challenges and opportunities of machine learning in malware detection through this 25-minute Black Hat conference talk. Delve into the concept of bot vs. bot evasion techniques, understanding how machine learning can be both a powerful tool for detection and a target for sophisticated attacks. Learn about the taxonomy of machine learning attacks in infosec, related works on model access and score reporting, and draw parallels with reinforcement learning in Atari Breakout. Discover the intricacies of anti-malware evasion AI, including agent state observation, manipulation arsenal, and the machine learning model itself. Examine evasion results and discuss potential model hardening strategies to improve resilience against automated attacks.
Syllabus
Bot vs. Bot: Evading Machine Learning Malware Detection
Why Machine Learning
Goal: Can You Break Machine Learning?
Yes! And it can be automated!
Taxonomy of ML Attacks in infosec
Related Work: full access to model
Related Work: attack score reporter
Summary of Previous Works
Atari Breakout: an Al
Learning rewards and credit assignment
Anti-malware evasion: an Al
The Agent's State Observation
The Agent's Manipulation Arsenal
The Machine Learning Model
Evasion Results
Model Hardening Strategies
Thank you!
Taught by
Black Hat