Abstract-To cope with the increasing variability and sophistication of modern attacks, machine learning has been widely adopted as a statistically sound tool for malware detection. Not only has its security against well-crafted attacks recently been questioned; it has also been shown that machine learning exhibits inherent vulnerabilities that can be exploited to evade detection at test time. In other words, machine learning itself can be the weakest link in a security system. In this paper, we rely upon a previously-proposed attack framework to categorize potential attack scenarios against learning-based malware detection tools, by modeling attackers with different skills and capabilities. We then define and implement a set of corresponding evasion attacks to thoroughly assess the security of Drebin, an Android malware detector. The main contribution of this work is the proposal of a simple and scalable secure-learning paradigm that mitigates the impact of evasion attacks, while only slightly worsening the detection rate in the absence of attack. We finally argue that our secure-learning approach can also be readily applied to other malware detection tasks.
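The abstract above does not spell out the attack model or the secure-learning paradigm, so the following is an added illustration in Python, not code from the paper or from Drebin. It assumes a linear detector over binary features (which is what Drebin uses), a white-box attacker who knows the weights and can only add features to an app (flipping 0 to 1), and takes "bounding every weight's magnitude so that no single feature dominates" as one concrete instance of a learner that forces evenly spread weights. The feature names, weights and samples are constructed; the point the code makes is that the cheapest feature-addition evasion costs one feature against the uneven detector and three against the bounded one, while both still classify the clean samples correctly.

```python
"""Added example, not code from the Drebin paper or any project: how the
weight distribution of a linear malware detector sets the cost of a
feature-addition evasion attack.

Assumptions not stated on the page: the detector is a linear classifier over
binary features (as Drebin is); the attacker knows the weights and can only
ADD features (flip 0 -> 1), since removing functionality from a working app
is far harder than adding manifest entries or dead code. Feature names,
weights and samples below are constructed."""

from typing import Dict, List, Set, Tuple

# Two constructed detectors over the same feature space. STANDARD puts most
# of its mass on a handful of features; BOUNDED caps every |weight| at 0.5,
# one concrete way (assumed here) of making the learner spread its weights.
MALICIOUS = ["perm:SEND_SMS", "api:sendTextMessage",
             "url:premium-sms.example", "perm:RECEIVE_BOOT_COMPLETED"]
BENIGN = ["activity:MainActivity", "perm:INTERNET", "api:Log.d",
          "intent:ACTION_VIEW", "api:setContentView",
          "perm:ACCESS_NETWORK_STATE", "api:Toast.makeText", "intent:MAIN"]

STANDARD_W: Dict[str, float] = {
    "perm:SEND_SMS": 3.0, "api:sendTextMessage": 0.5,
    "url:premium-sms.example": 0.25, "perm:RECEIVE_BOOT_COMPLETED": 0.25,
    "activity:MainActivity": -3.5,
    **{f: -0.25 for f in BENIGN if f != "activity:MainActivity"},
}
STANDARD_B = -0.5

BOUNDED_W: Dict[str, float] = {**{f: 0.5 for f in MALICIOUS},
                               **{f: -0.5 for f in BENIGN}}
BOUNDED_B = -0.5

DETECTORS = {"standard": (STANDARD_W, STANDARD_B),
             "bounded": (BOUNDED_W, BOUNDED_B)}

# Constructed samples: a premium-SMS trojan and a harmless app.
MALWARE_SAMPLE: Set[str] = set(MALICIOUS)
BENIGN_APP: Set[str] = {"activity:MainActivity", "perm:INTERNET",
                        "api:setContentView", "intent:MAIN"}


def score(w: Dict[str, float], b: float, sample: Set[str]) -> float:
    """Decision function w.x + b over the binary feature vector x.
    Sorting makes the floating-point summation order deterministic."""
    return sum(w.get(f, 0.0) for f in sorted(sample)) + b


def is_malware(w: Dict[str, float], b: float, sample: Set[str]) -> bool:
    return score(w, b, sample) > 0


def min_additions_to_evade(w: Dict[str, float], b: float,
                           sample: Set[str]) -> Tuple[int, List[str]]:
    """Greedy feature-addition attack: add the absent features with the most
    negative weights first until the score is no longer positive. With binary
    features and additions only, this order minimises the number of changes.
    Returns (count, features added); count is -1 if additions alone cannot
    push the sample across the boundary."""
    if not is_malware(w, b, sample):
        return 0, []
    s = score(w, b, sample)
    candidates = sorted((wt, f) for f, wt in w.items()
                        if wt < 0 and f not in sample)
    added: List[str] = []
    for wt, f in candidates:
        s += wt
        added.append(f)
        if s <= 0:
            return len(added), added
    return -1, added


def evasion_cost(sample: Set[str]) -> Dict[str, int]:
    """Number of features the attacker must add to evade each detector."""
    return {name: min_additions_to_evade(w, b, sample)[0]
            for name, (w, b) in DETECTORS.items()}


if __name__ == "__main__":
    for name, (w, b) in DETECTORS.items():
        print(name, "malware?", is_malware(w, b, MALWARE_SAMPLE),
              "benign app flagged?", is_malware(w, b, BENIGN_APP))
        print("  evasion cost:", min_additions_to_evade(w, b, MALWARE_SAMPLE))
```

Against the uneven detector the attacker only needs to add the one feature carrying the large negative weight; against the bounded detector no single feature is worth enough, so the attack has to touch several, which is exactly the trade-off the abstract describes between evasion robustness and a small loss of detection rate on clean data.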
Deep neural networks have been widely adopted in recent years, exhibiting impressive performance in several application domains. It has however been shown that they can be fooled by adversarial examples, i.e., images altered by barely perceivable adversarial noise, carefully crafted to mislead classification. In this work, we aim to evaluate the extent to which robot-vision systems embodying deep-learning algorithms are vulnerable to adversarial examples, and propose a computationally efficient countermeasure to mitigate this threat, based on rejecting the classification of anomalous inputs. We then provide a clearer understanding of the safety properties of deep networks through an intuitive empirical analysis, showing that the mapping learned by such networks essentially violates the smoothness assumption of learning algorithms. We finally discuss the main limitations of this work, including the creation of real-world adversarial examples, and sketch promising research directions.
The reasons why heterozygotes for β‐thalassaemia have considerable variation in serum bilirubin levels are unknown. High levels of bilirubin could be related to co‐inherited Gilbert's syndrome, determined either by mutations of the coding region or by variation in the A(TA)nTAA motif of the promoter of the bilirubin UDP‐glucuronosyltransferase gene (UGT‐1). We sequenced the coding and the promoter region of UGT‐1A or characterized the A(TA)nTAA motif of the promoter by denaturing gel electrophoresis of radioactive amplified products. The results were correlated with bilirubin levels in 49 β‐thalassaemia heterozygotes for the codon 39 (CAG → TAG) nonsense mutation. Twenty-one normal individuals and 32 unrelated patients with Gilbert's syndrome served as controls. The coding sequence region of UGT‐1A was normal. Five β‐thalassaemia heterozygotes, who were homozygous for the extra (TA) bases in the A(TA)nTAA element of the promoter of UGT‐1A, the configuration present in homozygosity in Gilbert's syndrome, had higher bilirubin levels compared to those with the (TA)6/(TA)7 or (TA)6/(TA)6 configurations.
In the group of 32 patients with Gilbert's syndrome, 31 of whom had the (TA)7/(TA)7 configuration, we detected 14 heterozygotes for β‐thalassaemia, a figure much higher than predicted on the basis of the carrier rate. Homozygosity for the (TA)7 motif, the typical promoter configuration of Gilbert's syndrome, is one of the factors determining hyperbilirubinaemia in heterozygous β‐thalassaemia.
Despite the impressive performance reported by deep neural networks in different application domains, they remain largely vulnerable to adversarial examples, i.e., input samples that are carefully perturbed to cause misclassification at test time. In this work, we propose a deep neural rejection mechanism to detect adversarial examples, based on the idea of rejecting samples that exhibit anomalous feature representations at different network layers. With respect to competing approaches, our method does not require generating adversarial examples at training time, and it is less computationally demanding. To properly evaluate our method, we define an adaptive white-box attack that is aware of the defense mechanism and aims to bypass it. Under this worst-case setting, we empirically show that our approach outperforms previously-proposed methods that detect adversarial examples by only analyzing the feature representation provided by the output network layer.
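Both the robot-vision abstract and this one rest on the same mechanism: reject an input whose feature representation looks unlike anything seen in training, and evaluate the defense against an attacker who knows about it. The Python below is an added illustration of that mechanism, not code from either paper. It collapses the multi-layer features into one constructed 2-D representation with a single prototype per class and an RBF similarity as the class score, which decays to near zero away from the data; the prototypes, bandwidth and threshold are all assumed. A defense-unaware attacker stops as soon as the target class scores highest and lands in the low-score region between the classes, where it is rejected; the adaptive attacker must additionally clear the reject threshold and pays a visibly larger perturbation for it.

```python
"""Added example, not code from either paper: a classifier with a reject
option for anomalous inputs, attacked by an adversary that ignores the reject
option and then by one that is aware of it (the 'adaptive' attacker).

Constructed setting: two classes in 2-D, each summarised by one prototype;
the per-class score is an RBF similarity to that prototype, which falls to
~0 anywhere far from the training data (the stand-in here for an 'anomalous
feature representation'). The papers' multi-layer features are collapsed
into this single representation; prototypes, SIGMA and the threshold are
assumed values."""
import math
from typing import Callable, Dict, Tuple

Point = Tuple[float, float]

PROTOTYPES: Dict[str, Point] = {"cat": (0.0, 0.0), "dog": (6.0, 0.0)}
SIGMA = 1.0
REJECT_THRESHOLD = 0.5   # reject when even the best class scores below this


def scores(x: Point) -> Dict[str, float]:
    """RBF similarity of x to each class prototype, in (0, 1]."""
    return {c: math.exp(-((x[0] - p[0]) ** 2 + (x[1] - p[1]) ** 2)
                        / (2 * SIGMA ** 2))
            for c, p in PROTOTYPES.items()}


def argmax(x: Point) -> str:
    s = scores(x)
    return max(s, key=s.get)


def classify(x: Point, threshold: float = REJECT_THRESHOLD) -> str:
    """Plain argmax classification, with a reject option on low scores."""
    s = scores(x)
    best = max(s, key=s.get)
    return best if s[best] >= threshold else "reject"


def _point_along(x: Point, target: Point, t: float) -> Point:
    """Point at distance t from x along the straight line toward target."""
    dx, dy = target[0] - x[0], target[1] - x[1]
    n = math.hypot(dx, dy)
    return (x[0] + t * dx / n, x[1] + t * dy / n)


def minimal_perturbation(x: Point, target: str,
                         success: Callable[[Point], bool]) -> Tuple[Point, float]:
    """Smallest perturbation norm t (bisection on [0, distance to the target
    prototype]) such that success() holds at the perturbed point. For this
    RBF model the line toward the target prototype is the cheapest direction,
    and success() is monotone along it, so bisection finds the minimum."""
    lo, hi = 0.0, math.dist(x, PROTOTYPES[target])
    for _ in range(60):
        mid = (lo + hi) / 2
        if success(_point_along(x, PROTOTYPES[target], mid)):
            hi = mid
        else:
            lo = mid
    return _point_along(x, PROTOTYPES[target], hi), hi


def naive_attack(x: Point, target: str) -> Tuple[Point, float]:
    """Defense-unaware attacker: only needs the target class to score highest,
    so it stops right at the decision boundary between the prototypes."""
    other = [c for c in PROTOTYPES if c != target]
    return minimal_perturbation(
        x, target,
        lambda y: all(scores(y)[target] > scores(y)[c] for c in other))


def adaptive_attack(x: Point, target: str,
                    threshold: float = REJECT_THRESHOLD) -> Tuple[Point, float]:
    """Defense-aware attacker: the target must score highest AND clear the
    reject threshold, i.e. the point must look like in-distribution data."""
    return minimal_perturbation(x, target,
                                lambda y: classify(y, threshold) == target)


if __name__ == "__main__":
    start = PROTOTYPES["cat"]
    pt, t = naive_attack(start, "dog")
    print(f"naive attacker: perturbation {t:.3f}, classified as {classify(pt)}")
    pt, t = adaptive_attack(start, "dog")
    print(f"adaptive attacker: perturbation {t:.3f}, classified as {classify(pt)}")
```

The naive adversarial example ends up at the midpoint between the prototypes, where both class scores are about 0.01, so the reject option catches it at no cost to clean inputs near a prototype. The adaptive attacker has to move to within about 1.18 units of the target prototype to reach a score of 0.5, roughly 1.6 times the naive perturbation; this is the kind of worst-case, defense-aware evaluation the abstract calls for, and it is the number that should be reported for a rejection-based defense rather than its accuracy against attacks that ignore the rejection rule.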