Hot Topics in Machine Learning for Computer Security

Overview

Semester: Summer 2023
Course type: Block Seminar
Lecturer: Jun.-Prof. Dr. Wressnegger
Audience: Informatik Master & Bachelor
Credits: 4 ECTS
Room: 148 (50.34)
Language: English
Link: TBA
Registration: https://ilias.studium.kit.edu/goto.php?target=crs%5F2081073&client_id=produktiv

Description

This seminar is concerned with the combination of machine learning and computer security in practice. Many tasks in the security landscape are based on manual labor, such as searching for vulnerabilities or analyzing malware. Here, machine learning can be used to establish a higher degree of automation, providing more "intelligent" security solutions.

The module deepens the contents of the MLSEC lectures, focusing on timely topics from recent research. It teaches students to work through results from state-of-the-art research. To this end, they will read up on a sub-field, prepare a seminar report, and present their work to their colleagues at the end of the term.

Schedule

Date | Step
Tue, 18. April, 11:30–13:00 | Primer on academic writing, assignment of topics
Thu, 27. April | Arrange appointments with assistant
Tue, 02. May - Fri, 05. May | 1st individual meeting (First overview, ToC)
Mon, 05. June - Fri, 09. June | 2nd individual meeting (Feedback on first draft of the report)
Wed, 28. June | Submit final paper
Mon, 10. July | Submit review for fellow students
Fri, 14. July | End of discussion phase
Fri, 21. July | Submit camera-ready version of your paper
Fri, 28. July | Presentation at final colloquium

Matrix Chat

News about the seminar, potential updates to the schedule, and additional material are distributed via the course's Matrix room. Matrix also lets students discuss topics and solution approaches.

You can find the link to the Matrix room on ILIAS.

Topics

Every student may choose one of the following topics. For each of these, we additionally provide a recent top-tier publication that you should use as a starting point for your own research. For the seminar and your final report, you should not merely summarize that paper, but try to go beyond and arrive at your own conclusions.

Moreover, most of these papers come with open-source implementations. Play around with these and include the lessons learned in your report.

  • Learning-based Vulnerability Discovery in Web Application's Source Code

    • Medeiros et al., WWW 2014. "Automatic detection and correction of web application vulnerabilities using data mining to predict false positives"
    • Liu et al., ISSTA 2020. "DeepSQLi: Deep semantic learning for testing SQL injection"

  • Improving Side Channel Attacks with Machine Learning

    • Bhasin et al., NDSS 2020. "Mind the portability: A warriors guide through realistic profiled side-channel analysis"
    • Moos et al., TCHES 2021. "DL-LA: Deep Learning Leakage Assessment: A modern roadmap for SCA evaluations"

  • Ad-Blocking with Machine Learning

    • Shuba et al., PETS 2018. "NoMoAds: Effective and Efficient Cross-App Mobile Ad-Blocking"
    • Hieu et al., NDSS 2021. "CV-Inspector: Towards Automating Detection of Adblock Circumvention"

  • Learning-based Phishing Detection

    • Ho et al., USENIX 2019. "Detecting and Characterizing Lateral Phishing at Scale"
    • Lin et al., USENIX 2021. "Phishpedia: A Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages"

  • Concept Drift in Learning-based Malware Detection

    • Jordaney et al., USENIX 2017. "Transcend: Detecting concept drift in malware classification models"
    • Barbero et al., S&P 2022. "Transcending transcend: Revisiting malware classification in the presence of concept drift"

  • Learning-based Detection of Deepfakes in Video

    • Hu et al., AAAI 2022. "FInfer: Frame Inference-Based Deepfake Detection for High-Visual-Quality Videos"
    • Zhao et al., CVPR 2021. "Multi-attentional deepfake detection"

  • Identification of Criminal Activities on the Dark Web using Machine Learning

    • Kumar et al., WWW 2020. "eDarkFind: Unsupervised Multi-View Learning for Sybil Account Detection"
    • Ke et al., WSDM 2022. "An Unsupervised Detection Framework for Chinese Jargons in the Darknet"

  • XAI for Malware Classification

    • Guo et al., CCS 2018. "LEMNA: Explaining deep learning based security applications"
    • Herath et al., DSN 2022. "CFGExplainer: Explaining Graph Neural Network-Based Malware Classification from Control Flow Graphs"