[Dailydave] Machine Learning and Dimensions and stuff

Fri Nov 21 16:19:52 EST 2014

The implications are though, that even if the adversary adapts, that the ML
analytic is forcing the adversary to operate in a smaller space to avoid
appearing anomalous. I consider anything that can shift the balance of cost
from the defender to the adversary to be wildly successful.

--Willie

On Thu, Nov 20, 2014 at 5:25 PM, Halvar Flake <HalVar at gmx.de> wrote:

> Hey all,
>
> thanks for the link, and it is indeed a fun talk :-)
>
> An important detail that many people in "machine learning for security" neglect
> is that the vast majority
> of ML algorithms were not designed for (and will not function well) in an
> adversarial model. Normally,
> one is trying to model an unknown statistical process based on past
> observables; the concept that the
> statistical process may adapt itself with the intent of fooling you isn't
> really of interest when you try to
> recognize faces / letters / cats / copyrighted content programmatically.
>
> For entertainment, I think everyone that plays with statistics / curve
> fitting / machine learning in our field
> should have a look at two things:
>
>     http://cvdazzle.com/ - people trying crazy makeup / hair styles to
> screw with face detection.
>     http://blaine-nelson.com/research/pubs/Huang-Joseph-AISec-2011 - a
> riot of a paper that introduces "Adversarial Machine Learning"
>
> This doesn't mean that you can't have huge successes temporarily using ML
> / curve fitting / statistics;
> attackers haven't felt the need to adapt to anything but AV signatures
> and DNS blacklisting yet, so relatively simple
> ML will have big gains initially. I suspect, though, that a really
> important part of using ML for defense in any form
> is "not becoming an oracle" - which is often counter to commercial
> success. It may be that the only good, long-term
> ML-based defense is one that can't be bought.
>
> Cheers,
> Halvar
>
>
>
>
> *Gesendet:* Donnerstag, 20. November 2014 um 19:16 Uhr
> *Von:* "Dave Aitel" <dave at immunityinc.com>
> *An:* dailydave at lists.immunityinc.com
> *Betreff:* [Dailydave] Machine Learning and Dimensions and stuff
> https://vimeo.com/112322888
>
> Dmitri pointed me at the above talk which is essentially a good
> specialized 101-level lecture on how machine learning works in the
> security space.
>
> There's not much to criticize in the talk! (It has a lot of the features
> of El Jefe!) They use a real graph database to run their algorithms
> against process trees - but if you wanted to heckle you'd ask "Doesn't
> the CreateProcess() system call also take "parent process" as an
> argument? What IS the rate of false positives? Because if you can't get
> it down to basically 0 then you are essentially wasting your time? etc." :>
>
> But again, nobody asked any hard questions - and while the talk nibbled
> around the edges of the tradeoffs with using machine learning techniques
> on this kind of data, it didn't go into any depth at all about which
> ones they've tried and failed at. It's a technical talk, but it's not a
> DETAILED talk in the sense of "Here's some outliers that show us where
> we fail and where we succeed and perhaps why".
>
> That said, if you don't have a plan to do this sort of thing, then
> you're probably failing at some level, so worth a watch. :>
>
> -dave
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave
>
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20141121/c261eae8/attachment.html>