2020
DOI: 10.48550/arxiv.2010.16045
|View full text |Cite
Preprint
|
Sign up to set email alerts
|

Machine Learning (In) Security: A Stream of Problems

Fabrício Ceschin,
Heitor Murilo Gomes,
Marcus Botacin
et al.

Abstract: Machine Learning (ML) has been widely applied to cybersecurity, and is currently considered state-of-the-art for solving many of the field´s open issues. However, it is very difficult to evaluate how good the produced solutions are, since the challenges faced in security may not appear in other areas (at least not in the same way). One of these challenges is the concept drift, that actually creates an arms race between attackers and defenders, given that any attacker may create novel, different threats as time… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
4
0
1

Year Published

2021
2021
2024
2024

Publication Types

Select...
4
2

Relationship

0
6

Authors

Journals

citations
Cited by 6 publications
(5 citation statements)
references
References 98 publications
0
4
0
1
Order By: Relevance
“…Idea drift is pertinent for malware detection when static file analysis is performed, according to earlier research [7]. Prior studies have looked into methods for identifying idea drift in malware families [8] and warning human analysts when it is found during malware detection. The efficiency of several machine learning properties for detecting fraudulent websites is examined in work [9] However, the use of Host and Content capabilities is the extent of their activity.…”
Section: Related Workmentioning
confidence: 99%
“…Idea drift is pertinent for malware detection when static file analysis is performed, according to earlier research [7]. Prior studies have looked into methods for identifying idea drift in malware families [8] and warning human analysts when it is found during malware detection. The efficiency of several machine learning properties for detecting fraudulent websites is examined in work [9] However, the use of Host and Content capabilities is the extent of their activity.…”
Section: Related Workmentioning
confidence: 99%
“…Cinco classificadores foram escolhidos para a avaliação: XGBoost, NuSVC, RadiusNeighbors, AdaBoost e stochastic gradient descent (SGD). Os algoritmos selecionados são populares para detecção de intrusões baseada em anomalias, e sua diversificação permite que se observe como a proposta se comporta com estratégias variadas de classificação [Mishra et al 2018, Ceschin et al 2020.…”
Section: Objetivos E Experimentos Realizadosunclassified
“…Fig. 2 illustrates the overview learning framework of PE malware detection [18], which generally consists of three steps, including data acquisition, feature engineering as well as learning from models and predictions. In the following, we are going to introduce each step at a glance.…”
Section: Overviewmentioning
confidence: 99%
“…Feature engineering aims to extract the intrinsic properties of PE files that are most likely to be used for distinguishing malware from goodware, and then generates corresponding numeric features for representation. From different perspectives of properties of PE files, there is a large body of work on extracting various features, which can be generally categorized into three broad category: static features, dynamic features and hybrid features [18,106,142] and summarized in Table 1.…”
Section: Feature Engineeringmentioning
confidence: 99%