The use of AI for security has proven to be a promising avenue for many critical tasks such as intrusion detection and malware classification.

Reducing manual effort, shortening response times, and generalising to new examples allow defenders to react quickly to incoming threats and allocate valuable human expertise more efficiently.

However, the dynamic nature of data typically seen in security tasks, resulting from the ongoing arms race between attackers and defenders, causes issues that need to be addressed in order to use machine learning to its full potential. Concept drift occurs as malicious techniques evolve and previously trained models aren’t equipped to handle them. The crafting of adversarial examples enables attackers to create specific inputs that bypass ML-based detectors. And many open questions regarding the security of AI, such as information leakage, covert backdoors, and data poisoning, continue to be researched.

AI is a powerful, if not revolutionary, technology for society, but in reaping the rewards we must also guarantee its safety.

Related Publications

Exploiting Code Symmetries for Learning Program Semantics
Kexin Pei, Weichen Li, Qirui Jin, Shuyang Liu, Scott Geng, Lorenzo Cavallaro, Junfeng Yang, Suman Jana
ICML 2024 | Spotlight · 41st International Conference on Machine Learning, 2024
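@inproceedings{pei2024exploiting,
  author    = {Pei, Kexin and Li, Weichen and Jin, Qirui and Liu, Shuyang and Geng, Scott and Cavallaro, Lorenzo and Yang, Junfeng and Jana, Suman},
  title     = {Exploiting Code Symmetries for Learning Program Semantics},
  booktitle = {Forty-first International Conference on Machine Learning},
  year      = {2024},
  url       = {https://openreview.net/forum?id=OLvgrLtv6J},
}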
ChainReactor: Automated Privilege Escalation Chain Discovery via AI Planning
Giulio De Pasquale, Ilya Grishchenko, Riccardo Iesari, Gabriel Pizarro, Lorenzo Cavallaro, Christopher Kruegel, and Giovanni Vigna
USENIX Sec 2024 · 33rd USENIX Security Symposium, 2024
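@inproceedings{depasquale24ChainReactor,
  author    = {De Pasquale, Giulio and Grishchenko, Ilya and Iesari, Riccardo and Pizarro, Gabriel and Cavallaro, Lorenzo and Kruegel, Christopher and Vigna, Giovanni},
  title     = {{ChainReactor}: Automated Privilege Escalation Chain Discovery via {AI} Planning},
  booktitle = {33rd {USENIX} Security Symposium},
  year      = {2024},
}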
Are Machine Learning Models for Malware Detection Ready for Prime Time?
Lorenzo Cavallaro and Johannes Kinder and Feargus Pendlebury and Fabio Pierazzi
IEEE S&P Magazine 2023 · IEEE Security & Privacy Magazine, 2023
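@article{CavKinPen23,
  author  = {Cavallaro, Lorenzo and Kinder, Johannes and Pendlebury, Feargus and Pierazzi, Fabio},
  title   = {Are Machine Learning Models for Malware Detection Ready for Prime Time?},
  journal = {{IEEE} Security \& Privacy Magazine},
  year    = {2023},
  volume  = {21},
  number  = {2},
  pages   = {53--56},
  doi     = {10.1109/MSEC.2023.3236543},
}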
Drift Forensics of Malware Classifiers
Theo Chow and Zeliang Kan and Lorenz Linhardt and Lorenzo Cavallaro and Daniel Arp and Fabio Pierazzi
AISec 2023 · In Proceedings of the ACM Workshop on Artificial Intelligence and Security, 2023
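@inproceedings{chow2023driftforensics,
  author    = {Chow, Theo and Kan, Zeliang and Linhardt, Lorenz and Cavallaro, Lorenzo and Arp, Daniel and Pierazzi, Fabio},
  title     = {Drift Forensics of Malware Classifiers},
  booktitle = {Proceedings of the {ACM} Workshop on Artificial Intelligence and Security ({AISec})},
  year      = {2023},
}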
Is It Overkill? Analyzing Feature-Space Concept Drift in Malware Detectors
Zhi Chen and Zhenning Zhang and Zeliang Kan and Limin Yang and Jacopo Cortellazzi and Feargus Pendlebury and Fabio Pierazzi and Lorenzo Cavallaro and Gang Wang
DLSP 2023 · 6th IEEE Workshop on Deep Learning Security and Privacy, 2023
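@inproceedings{chen23dlsp,
  author    = {Chen, Zhi and Zhang, Zhenning and Kan, Zeliang and Yang, Limin and Cortellazzi, Jacopo and Pendlebury, Feargus and Pierazzi, Fabio and Cavallaro, Lorenzo and Wang, Gang},
  title     = {Is It Overkill? Analyzing Feature-Space Concept Drift in Malware Detectors},
  booktitle = {{IEEE} Workshop on Deep Learning Security and Privacy ({DLSP})},
  year      = {2023},
}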
Dos and Don'ts of Machine Learning in Computer Security
Daniel Arp, Erwin Quiring, Feargus Pendlebury, Alexander Warnecke, Fabio Pierazzi, Christian Wressnegger, Lorenzo Cavallaro, Konrad Rieck
USENIX Sec 2022 | Distinguished Paper Award · 31st USENIX Security Symposium, 2022
@inproceedings{arp2022dodo,
  title     = {Dos and Don'ts of Machine Learning in Computer Security},
  author    = {Arp, Daniel and Quiring, Erwin and Pendlebury, Feargus and Warnecke, Alexander and Pierazzi, Fabio and Wressnegger, Christian and Cavallaro, Lorenzo and Rieck, Konrad},
  booktitle = {31st {USENIX} Security Symposium},
  year      = {2022},
}
Transcending Transcend: Revisiting Malware Classification in the Presence of Concept Drift
Federico Barbero, Feargus Pendlebury, Fabio Pierazzi, and Lorenzo Cavallaro
IEEE S&P 2022 · 43rd IEEE Symposium on Security and Privacy, 2022
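@inproceedings{barbero2022transcendent,
  author    = {Barbero, Federico and Pendlebury, Feargus and Pierazzi, Fabio and Cavallaro, Lorenzo},
  title     = {Transcending {Transcend}: Revisiting Malware Classification in the Presence of Concept Drift},
  booktitle = {{IEEE} Symposium on Security and Privacy},
  year      = {2022},
}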
Investigating Labelless Drift Adaptation for Malware Detection
Zeliang Kan and Feargus Pendlebury and Fabio Pierazzi and Lorenzo Cavallaro
AISec 2021 · 14th ACM Workshop on Artificial Intelligence and Security, 2021
@inproceedings{kan2021adaptation,
  title     = {Investigating Labelless Drift Adaptation for Malware Detection},
  author    = {Kan, Zeliang and Pendlebury, Feargus and Pierazzi, Fabio and Cavallaro, Lorenzo},
  booktitle = {{ACM} Workshop on Artificial Intelligence and Security ({AISec})},
  year      = {2021},
}
INSOMNIA: Towards Concept-Drift Robustness in Network Intrusion Detection
Giuseppina Andresini and Feargus Pendlebury and Fabio Pierazzi and Corrado Loglisci and Annalisa Appice and Lorenzo Cavallaro
AISec · 14th ACM Workshop on Artificial Intelligence and Security, 2021
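@inproceedings{andresini2021insomnia,
  author    = {Andresini, Giuseppina and Pendlebury, Feargus and Pierazzi, Fabio and Loglisci, Corrado and Appice, Annalisa and Cavallaro, Lorenzo},
  title     = {{INSOMNIA}: Towards Concept-Drift Robustness in Network Intrusion Detection},
  booktitle = {{ACM} Workshop on Artificial Intelligence and Security ({AISec})},
  year      = {2021},
}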
Intriguing Properties of Adversarial ML Attacks in the Problem Space
Fabio Pierazzi*, Feargus Pendlebury*, Jacopo Cortellazzi, Lorenzo Cavallaro
IEEE S&P 2020 · 41st IEEE Symposium on Security and Privacy, 2020
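@inproceedings{pierazzi2020problemspace,
  author    = {Pierazzi, Fabio and Pendlebury, Feargus and Cortellazzi, Jacopo and Cavallaro, Lorenzo},
  title     = {Intriguing Properties of Adversarial {ML} Attacks in the Problem Space},
  booktitle = {2020 {IEEE} Symposium on Security and Privacy ({SP})},
  year      = {2020},
  pages     = {1308--1325},
  issn      = {2375-1207},
  doi       = {10.1109/SP40000.2020.00073},
  publisher = {IEEE Computer Society},
}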
TESSERACT: Eliminating Experimental Bias in Malware Classification across Space and Time
Feargus Pendlebury*, Fabio Pierazzi*, Roberto Jordaney, Johannes Kinder, and Lorenzo Cavallaro
USENIX Sec 2019 · 28th USENIX Security Symposium, 2019
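@inproceedings{pendlebury2019tesseract,
  author    = {Pendlebury, Feargus and Pierazzi, Fabio and Jordaney, Roberto and Kinder, Johannes and Cavallaro, Lorenzo},
  title     = {{TESSERACT}: Eliminating Experimental Bias in Malware Classification across Space and Time},
  booktitle = {28th {USENIX} Security Symposium},
  year      = {2019},
  address   = {Santa Clara, CA},
  publisher = {USENIX Association},
  note      = {USENIX Sec},
}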
Transcend: Detecting Concept Drift in Malware Classification Models
Roberto Jordaney, Kumar Sharad, Santanu K. Dash, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro
USENIX Sec 2017 · 26th USENIX Security Symposium, 2017
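@inproceedings{jordaney2017,
  author    = {Jordaney, Roberto and Sharad, Kumar and Dash, Santanu K. and Wang, Zhi and Papini, Davide and Nouretdinov, Ilia and Cavallaro, Lorenzo},
  title     = {{Transcend}: Detecting Concept Drift in Malware Classification Models},
  booktitle = {26th {USENIX} Security Symposium},
  year      = {2017},
  address   = {Vancouver, BC},
  url       = {https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/jordaney},
  publisher = {USENIX Association},
  note      = {USENIX Sec},
}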
DroidSieve: Fast and Accurate Classification of Obfuscated Android Malware
Guillermo Suarez-Tangil, Santanu Kumar Dash, Mansour Ahmadi, Johannes Kinder, Giorgio Giacinto, and Lorenzo Cavallaro
ACM CODASPY 2017 · 7th ACM Conference on Data and Application Security and Privacy, 2017
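@inproceedings{codaspy17,
  author    = {Suarez-Tangil, Guillermo and Dash, Santanu Kumar and Ahmadi, Mansour and Kinder, Johannes and Giacinto, Giorgio and Cavallaro, Lorenzo},
  title     = {{DroidSieve}: Fast and Accurate Classification of Obfuscated {Android} Malware},
  booktitle = {Proceedings of the Seventh {ACM} Conference on Data and Application Security and Privacy},
  year      = {2017},
  month     = mar,
  doi       = {10.1145/3029806.3029825},
  note      = {ACM CODASPY},
}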
Misleading Metrics: On Evaluating Machine Learning for Malware with Confidence
Roberto Jordaney, Zhi Wang, Davide Papini, Ilia Nouretdinov, and Lorenzo Cavallaro
TR@RHUL 2016 · Technical Report, 2016
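@techreport{RHUL2016,
  author      = {Jordaney, Roberto and Wang, Zhi and Papini, Davide and Nouretdinov, Ilia and Cavallaro, Lorenzo},
  title       = {Misleading Metrics: On Evaluating Machine Learning for Malware with Confidence},
  institution = {Royal Holloway, University of London},
  year        = {2016},
  number      = {2016-1},
  note        = {TR@RHUL},
}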
DroidScribe: Classifying Android Malware Based on Runtime Behavior
Santanu Kumar Dash, Guillermo Suarez-Tangil, Salahuddin Khan, Kimberly Tam, Mansour Ahmadi, Johannes Kinder, and Lorenzo Cavallaro
IEEE S&P-MoST 2016 · IEEE Security and Privacy Workshops: Mobile Security Technologies, 2016
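@inproceedings{most16-droidscribe,
  author    = {Dash, Santanu Kumar and Suarez-Tangil, Guillermo and Khan, Salahuddin and Tam, Kimberly and Ahmadi, Mansour and Kinder, Johannes and Cavallaro, Lorenzo},
  title     = {{DroidScribe}: Classifying {Android} Malware Based on Runtime Behavior},
  booktitle = {{IEEE} Security and Privacy Workshops: Mobile Security Technologies},
  year      = {2016},
  month     = may,
  note      = {IEEE S\&P-MoST},
}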
Prescience: Probabilistic Guidance on the Retraining Conundrum for Malware Detection
Amit Deo, Santanu Kumar Dash, Guillermo Suarez-Tangil, Volodya Vovk, and Lorenzo Cavallaro
ACM CCS-AISec 2016 · 9th ACM CCS Workshop on Artificial Intelligence and Security, 2016
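@inproceedings{aisec16,
  author    = {Deo, Amit and Dash, Santanu Kumar and Suarez-Tangil, Guillermo and Vovk, Volodya and Cavallaro, Lorenzo},
  title     = {{Prescience}: Probabilistic Guidance on the Retraining Conundrum for Malware Detection},
  booktitle = {9th {ACM} {CCS} Workshop on Artificial Intelligence and Security},
  year      = {2016},
  note      = {ACM CCS-AISec},
}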
Conformal Clustering and Its Application to Botnet Traffic
Giovanni Cherubin, Ilia Nouretdinov, Alexander Gammerman, Roberto Jordaney, Zhi Wang, Davide Papini, and Lorenzo Cavallaro
SLDS 2015 · 3rd International Symposium of Statistical Learning and Data Science, 2015
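@inproceedings{cherubin,
  author    = {Cherubin, Giovanni and Nouretdinov, Ilia and Gammerman, Alexander and Jordaney, Roberto and Wang, Zhi and Papini, Davide and Cavallaro, Lorenzo},
  title     = {Conformal Clustering and Its Application to Botnet Traffic},
  booktitle = {Statistical Learning and Data Sciences, 3rd International Symposium},
  year      = {2015},
  note      = {SLDS},
}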