Overview
Explore the challenges and strategies for building robust machine learning systems for security in this 19-minute conference talk from USENIX Enigma 2020. Delve into the complexities of developing effective malware detectors using machine learning, addressing issues such as achieving low false positive rates, dealing with polluted ground truth data, and testing dynamic models against ephemeral malware. Learn about modeling realistic adversaries for adversarial attacks and defenses, and gain insights into the practical considerations for implementing machine learning in cybersecurity contexts.
Syllabus
Intro
Machine Learning is necessary for detecting malware at scale
Let's build a malware detector using machine learning
What is malware?
Professional Heuristics for Ground Truth
Does the overall performance of the classifiers matter?
Adversarial attacks: feature space vs problem space
Are adversarial attacks harmful to users?
Is evading one classifier enough?
Who is the adversary?
Questions?
Taught by
USENIX Enigma Conference