<div dir="ltr"><br><div>The implications are, though, that even if the adversary adapts, the ML analytic is forcing the adversary to operate in a smaller space to avoid appearing anomalous. I consider anything that can shift the balance of cost from the defender to the adversary to be wildly successful. </div><div><br></div><div>--Willie</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Nov 20, 2014 at 5:25 PM, Halvar Flake <span dir="ltr"><<a href="mailto:HalVar@gmx.de" target="_blank">HalVar@gmx.de</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div style="font-family:Verdana;font-size:12.0px"><div>Hey all,</div>
<div> </div>
<div>thanks for the link, and it is indeed a fun talk :-)</div>
<div> </div>
<div>An important detail that many people in "machine learning for security" <span style="line-height:1.6em">neglect is that the vast </span><span style="line-height:1.6em">majority </span></div>
<div><span style="line-height:1.6em">of ML algorithms were not designed for (and will not </span><span style="line-height:1.6em">function well in) an adversarial model. Normally,</span></div>
<div><span style="line-height:1.6em">one is trying to model an unknown statistical process based on past observables; the concept that the </span></div>
<div><span style="line-height:1.6em">statistical process may adapt itself with the intent of fooling you isn't really of interest when you try to</span></div>
<div><span style="line-height:1.6em">recognize faces / letters / cats / copyrighted content programmatically.</span></div>
<div> </div>
<div><span style="line-height:1.6em">For entertainment, I think everyone that plays with statistics / curve fitting / machine learning in our field</span></div>
<div><span style="line-height:1.6em">should have a look at two things:</span></div>
<div> </div>
<div> <a href="http://cvdazzle.com/" target="_blank">http://cvdazzle.com/</a> - people trying crazy makeup / hair styles to screw with face detection.</div>
<div><span style="font-family:Verdana;font-size:12px;line-height:19.2000007629395px"> <a href="http://blaine-nelson.com/research/pubs/Huang-Joseph-AISec-2011" target="_blank">http://blaine-nelson.com/research/pubs/Huang-Joseph-AISec-2011</a> - a riot of a paper that introduces "Adversarial Machine Learning"</span></div>
<div> </div>
<div>This doesn't mean that you can't have huge successes temporarily using ML / curve fitting / statistics;</div>
<div>attackers <span style="line-height:1.6em">haven't felt the need to adapt to anything but AV signatures and DNS blacklisting yet, so </span><span style="line-height:1.6em">relatively simple </span></div>
<div><span style="line-height:1.6em">ML will have big gains initially. I suspect, though, that a really important part of using ML for defense in any form</span></div>
<div><span style="line-height:1.6em">is "not becoming an oracle" - which is often counter to commercial success. It may be that the only good, long-term</span></div>
<div><span style="line-height:1.6em">ML-based defense is one that can't be bought.</span></div>
<div> </div>
<div><span style="line-height:1.6em">Cheers,</span></div>
<div><span style="line-height:1.6em">Halvar</span></div>
<div> </div>
<div> </div>
<div> </div>
<div>
<div name="quote" style="margin:10px 5px 5px 10px;padding:10px 0 10px 10px;border-left:2px solid #c3d9e5;word-wrap:break-word">
<div style="margin:0 0 10px 0"><b>Sent:</b> Thursday, 20 November 2014 at 19:16<br>
<b>From:</b> "Dave Aitel" <<a href="mailto:dave@immunityinc.com" target="_blank">dave@immunityinc.com</a>><br>
<b>To:</b> <a href="mailto:dailydave@lists.immunityinc.com" target="_blank">dailydave@lists.immunityinc.com</a><br>
<b>Subject:</b> [Dailydave] Machine Learning and Dimensions and stuff</div>
<div name="quoted-content"><div><div class="h5"><a href="https://vimeo.com/112322888" target="_blank">https://vimeo.com/112322888</a><br>
<br>
Dmitri pointed me at the above talk which is essentially a good<br>
specialized 101-level lecture on how machine learning works in the<br>
security space.<br>
<br>
There's not much to criticize in the talk! (It has a lot of the features<br>
of El Jefe!) They use a real graph database to run their algorithms<br>
against process trees - but if you wanted to heckle you'd ask "Doesn't<br>
the CreateProcess() system call also take "parent process" as an<br>
argument? What IS the rate of false positives? Because if you can't get<br>
it down to basically 0 then you are essentially wasting your time? etc." :><br>
<br>
But again, nobody asked any hard questions - and while the talk nibbled<br>
around the edges of the tradeoffs with using machine learning techniques<br>
on this kind of data, it didn't go into any depth at all about which<br>
ones they've tried and failed at. It's a technical talk, but it's not a<br>
DETAILED talk in the sense of "Here's some outliers that show us where<br>
we fail and where we succeed and perhaps why".<br>
<br>
That said, if you don't have a plan to do this sort of thing, then<br>
you're probably failing at some level, so worth a watch. :><br>
<br>
-dave<br>
<br>
<br></div></div>
_______________________________________________<br>
Dailydave mailing list<br>
<a href="mailto:Dailydave@lists.immunityinc.com" target="_blank">Dailydave@lists.immunityinc.com</a><br>
<a href="https://lists.immunityinc.com/mailman/listinfo/dailydave" target="_blank">https://lists.immunityinc.com/mailman/listinfo/dailydave</a></div>
</div>
</div></div></div>
<br></blockquote></div><br></div>