SlideShare uma empresa Scribd logo

BlueHat v18 || Protecting the protector, hardening machine learning defenses against adversarial attacks

BlueHat Security Conference
BlueHat Security Conference

Jugal Parikh, Microsoft Holly Stewart, Microsoft Humans are susceptible to social engineering. Machines are susceptible to tampering. Machine learning is vulnerable to adversarial attacks. Singular machine learning models can be “gamed” leading to unexpected outcomes. In this talk, we’ll compare the difficulty of tampering with cloud-based models and client-based models. We then discuss how we developed stacked ensemble models to make our machine learning defenses less susceptible to tampering and significantly improve overall protection for our customers. We talk about the diversity of our base ML models and technical details on how they are optimized to handle different threat scenarios. Lastly, we’ll describe suspected tampering activity we’ve witnessed using protection telemetry from over half a billion computers, and whether our mitigation worked.

Tecnologia
1 de 74
Baixar para ler offline
Jugal Parikh, Senior Data Scientist Holly Stewart, Principal Research Manager Randy Treit, Senior Researcher
W i n d o w s D e f e n d e r E n d p o i n t P r o t e c t i o n E n d p o i n t P r o t e c t i o n Blocks low reputation web downloads Blocks malicious websites W i n d o w s D e f e n d e r E n d p o i n t D e t e c t i o n a n d R e s p o n s e D e t e c t i o n a n d R e m e d i a t i o n After execution - Windows Defender ATP monitors for post-breach signals After execution - Windows Defender Hexadite can reverse damage Blocks malicious programs and content (scripts, docs, etc.) W i n d o w s D e f e n d e r S m a r t S c r e e n Monitors behaviors and terminates bad processes Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing Results
T h r e a t P r e d i c t R e s e a r c h T e a m Cloud Client O u r f o c u s : U s e m a c h i n e l e a r n i n g t o b l o c k a t t a c k s f o r W i n d o w s D e f e n d e r A T P
Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing Results
UNKNOWN UNKNOWNSEXPERTS→ LABELS→ ML→ PREDICTIONS ANOMALY DETECTION SUPERVISED UNSUPERVISED
EXPERTS→ LABELS→ ML→ PREDICTIONS SUPERVISED
Pro: Disconnected protection Con: Silent adversarial brute force attacks
No private brute forcing Minimal client performance impact
Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing Results
Machine attributes Dynamic and contextual attributes Static file attributes Example: Averaged perceptron model with > .90 probability = 0.0001% false positive rate Cloud Client
Immunity from antimalware automation attacks
 Synthetic traffic designed to quickly gain reputation on a digital certificate  Targeted Windows 8  Originally surfaced as a high percentage of traffic that wasn’t classified  Low-volume and unsigned file attacks were also identified during investigation 30% 40% 50% 60% 70% 80% 90% 100% 2/15 2/17 2/19 2/21 2/23 2/25 2/27 2/29 3/2 3/4 3/6 3/8 3/10 3/12 3/14 Percent Classified Traffic Win10 Win8 Win7
 Attackers guessed major features (time, traffic, digital certificate)  Team developed complementary models with additional features that filtered fake traffic out of telemetry  Combination of models removed attack traffic from training data 60% 65% 70% 75% 80% 85% 90% 95% 100% 2/7/2017 2/12/2017 2/17/2017 2/22/2017 2/27/2017 3/4/2017 3/9/2017 3/14/2017 3/19/2017 3/24/2017 3/29/2017 4/3/2017 4/8/2017 4/13/2017 4/18/2017 4/23/2017 4/28/2017 5/3/2017 Percent Classified with and without Complementary Models
 Research on adversarial attacks against deep learning classifiers  Showed that an ensemble of classifiers helped defend against the attacks tested in the paper  See more at: Attack and Defense of Dynamic Analysis-Based, Adversarial Neural Malware Classification Models Jack W. Stokes, De Wang, Mady Marinescu, Marc Marino, Brian Bussone https://arxiv.org/abs/1712.05919 Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing ResultsEnsemble Model Development and Testing
Ensemble Model Development and Testing Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
1 1 Wolpert, David H. "Stacked generalization." Neural networks 5.2 (1992): 241-259.
Dealing with:  Active adversarial attempts  Volatility in data distribution/ Covariate Shift  Noisy environment Scale:  Petabytes of threat Intelligence daily Evaluate:  ~2.3 Billion global queries everyday
Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
 Different feature sets
Process and installation ProcessName ParentProcess TriggeringSignal TriggeringFile Download IP and URL Parent/child relationships Machine attributes Partial and Fuzzy hashes ClusterHash ImportHash Fuzzy hashes Full File Content Header Footer Raw file content File properties File Geometry FileSize FileMetaData …. Signer info Issuer Publisher Signer Behavioral Connection IP System changes API calls Process injection Locale Locale setting Geographical location Behavioral and contextual attributes Static file attributes OS version Processor Security settings Features - Highly dimensional data Researcher Expertise 10k+ researcher attributes 100k+ static attributes 10k+ behavioral attributes Feature Set Training Algorithms Training Data Sets Optimization Settings
 Different feature sets  Different training algorithms and data sets
Feature Set Learner # of Features PE Properties Fast Tree Ensemble 10K+ features Researcher Expertise Boosted Tree Ensemble 190K+ features Behavioral Boosted Tree Ensemble 6M+ features Fuzzy Hash 1 Random Forest 512+ features Fuzzy Hash 2 SDCA 10M+ features Static, Dynamic and Contextual Averaged Perceptron 16M+ features Researcher Expertise, Fuzzy Hash Averaged Perceptron 12M+ features File Emulation DNN 150K+ features File Detonation DNN 10M+ features Feature Set Training Algorithms Training Data Sets Optimization Settings
 Different feature sets  Different training algorithms and data sets  Different optimization settings based on threat scenarios
Training Cadence: Classifiers:  Malware  Clean  Potentially unwanted software  File type (js, vbs, pdf, PE, etc) Target:  Commercial or consumer?  Organization specific Feature Set Training Algorithms Training Data Sets Optimization Settings
Source: Twitter https://twitter.com/hashtag/aipuns
Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
Boolean Stacking 1 Binary Output 1 Model Probabilities Linear Stacking
Model Selection LightGBM !!! Averaged Perceptron !!! Logistic Regression!!! Fast Tree !!! XGBoost !!! DNN !!!
Train Time Validate Test
Supervised Training Optimization Evaluation Train Validate Test
LightGBM
Stacked Classifer
Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
Model evaluated on time-split test set Confusion table ||====================== PREDICTED || positive | negative | Recall TRUTH ||====================== positive || 2,177 | 21,182 | 0.0932 negative || 14,004 |2,097,228 | 0.9934 ||====================== Precision || 0.1345 | 0.9900 | OVERALL ACCURACY: 0.9835 Uncalibrated model evaluated on 60 mins real world data Confusion table ||====================== PREDICTED || positive | negative | Recall TRUTH ||====================== positive || 703,140 | 59,131 | 0.9224 negative || 2,1030 |8,013,623 | 0.9974 ||====================== Precision || 0.9710 | 0.9927 | OVERALL ACCURACY: 0.9811
Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
 Information from the label inadvertently works its way into the training features  Causes an overly optimistic assessment of generalization performance  Filtering features that correlate to the training labels Confusion table ||====================== PREDICTED || positive | negative | Recall TRUTH ||====================== positive || 703,140 | 59,131 | 0.9224 negative || 2,1030 |8,013,623 | 0.9974 ||====================== Precision || 0.9710 | 0.9927 | OVERALL ACCURACY: 0.9811 Confusion table ||====================== PREDICTED || positive | negative | Recall TRUTH ||====================== positive || 625,324 | 136,947 | 0.8203 negative || 29,540 |8,005,113 | 0.9963 ||====================== Precision || 0.9549 | 0.9832 | OVERALL ACCURACY: 0.9668 With some data leaks Filtering known data leaks
 Not all Base Classifiers classify every threat scenario  What you can do:  Retain each instance (don’t toss them)  Adding Boolean features indicating which classifiers returned a value  Cross Join between features Model Probability Verdict FileEmulation1 N/A Unknown FileDetonation N/A Unknown FuzzyHash1 N/A Unknown FuzzyHash2 0.014020299 Clean CloudClassifier1 N/A Unknown CloudClassifier2 N/A Unknown CloudClassifier3 N/A Unknown CloudClassifier4 N/A Unknown CloudClassifier5 N/A Unknown CloudClassifier6 N/A Unknown . . . . . . . . . ResearcherExpertise 0.07285905 Clean PEPropertiesClassifier N/A Unknown FileMetaDataClassifier1 N/A Unknown FileMetaDataClassifier2 N/A Unknown FileMetaDataClassifier3 N/A Unknown BehavioralClassifier1 N/A Unknown BehavioralClassifier2 N/A Unknown Stacked Ensemble 0.92 Malware
 Adding K-means distance for each instance from the centroid of each cluster as an input feature
 Control # training samples  Control ratio of clean/malware (label distribution)  Continuous monitoring of incoming telemetry to catch anomalies/ outliers before training Time
Source: Twitter https://twitter.com/hashtag/aipuns
Machine attributes Dynamic and contextual attributes Static file attributes Example: Averaged perceptron model with > .90 probability = 0.0001% false positive rate Cloud Client
Ratio of number of instances perturbed Flipping top 2 Feature Values
Machine attributes Dynamic and contextual attributes Static file attributes Example: Averaged perceptron model with > .90 probability = 0.0001% false positive rate Cloud Client
Supervised Training Adding Rogue Features
# of Random Classifiers False Positive Rate True Positive Rate 0 0.8746% 96.1824% 2 0.8834% 96.1222% 4 0.8912% 96.0385% 6 0.8939% 95.8932% 8 0.8974% 95.8462% 10 0.9131% 95.8462% The classifier can detect these random noises and the performance drop is negligible.
Cloud Client # of instances Label distribution Label sources Model gates Model monitoring Overall block monitoring Anomaly alerts Update features Identify feature evasion Unsupervised learning
Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing ResultsEnsemble Model Development and Testing
Other Cloud Blocks 88% Ensemble Blocks 12% Archive 4% Documents and macros 8% Other (1k+ types) PE File 68% Shortcut 11% Signed PE File 3% VBS 3%
malware clean
Filters out noisy signals from an occasionally underperforming model Increases predictive power with easy interpretability Adds resilience against attacks on individual models
 Small-scale attack in Central and Western Canada  Most targets reached within 5 ½ hours  73% of targets were commercial
Model Probability Verdict PDFClassifier - Unknown NonPEClassifier - Unknown CloudModel3 0.06 Clean? FuzzyHash1 0.07 Clean? FuzzyHash2 0.08 Clean? ResearchExpertise 0.99 Malware Ensemble1 0.27 ~Sketchy Ensemble2 0.84 Sketchy! Ensemble3 0.91 Malware Client Cloud
Model Probability Verdict FuzzyHash2 0.06 Clean? Ensemble1 0.27 ~Sketchy JsModel 0.52 Sketchy! ResearchExpertise 0.64 Sketchy! Ensemble3 0.91 Malware Client Cloud vNSAml.js
 Daewoo Chong (Windows Defender ATP Research)  Christian Seifert (Windows Defender ATP Research)  Allan Sepillo (Windows Defender ATP Research)  Bhavna Soman (Windows Defender ATP Research)  Jay Stokes (Microsoft Research)  Maria Vlachopoulou (Windows Defender ATP Research)  Samuel Wakasugui (Windows Defender ATP Research)
Today’s presentation All data and charts, unless otherwise noted, is from Microsoft. Blog: https://aka.ms/hardening-ML Upcoming conference presentations Virus Bulletin 2018 (Montreal): Starving malware authors through dynamic classification Karishma Sanghvi (Microsoft), Joe Blackbird (Microsoft) Blog Posts and Other References Antivirus evolved Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses How artificial intelligence stopped an Emotet outbreak Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign Machine Learning vs. Social Engineering Whitepaper: The Evolution of Malware Prevention
Client-based machine learning is susceptible to brute force attacks After you deploy, ensure you have monitors to alert on potential tampering Consider the various vectors of attack, identify most likely vectors, then test them Build a diverse set of complementary models, then add an ensemble layer
adversarialml@microsoft.com

Recomendados

Android Application Security
Android Application SecurityAndroid Application Security
Android Application SecurityChong-Kuan Chen
 
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malware
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malwareDefcon 22-wesley-mc grew-instrumenting-point-of-sale-malware
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malwarePriyanka Aash
 
Automatic tool for static analysis
Automatic tool for static analysisAutomatic tool for static analysis
Automatic tool for static analysisChong-Kuan Chen
 
Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECU...
Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECU...Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECU...
Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECU...Priyanka Aash
 
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliDefcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliPriyanka Aash
 
Lateral Movement: How attackers quietly traverse your Network
Lateral Movement: How attackers quietly traverse your NetworkLateral Movement: How attackers quietly traverse your Network
Lateral Movement: How attackers quietly traverse your NetworkEC-Council
 
Malware collection and analysis
Malware collection and analysisMalware collection and analysis
Malware collection and analysisChong-Kuan Chen
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?Dmitry Evteev
 

Recomendados

Android Application Security
Android Application SecurityAndroid Application Security
Android Application SecurityChong-Kuan Chen
 
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malware
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malwareDefcon 22-wesley-mc grew-instrumenting-point-of-sale-malware
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malwarePriyanka Aash
 
Automatic tool for static analysis
Automatic tool for static analysisAutomatic tool for static analysis
Automatic tool for static analysisChong-Kuan Chen
 
Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECU...
Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECU...Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECU...
Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECU...Priyanka Aash
 
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliDefcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteliPriyanka Aash
 
Lateral Movement: How attackers quietly traverse your Network
Lateral Movement: How attackers quietly traverse your NetworkLateral Movement: How attackers quietly traverse your Network
Lateral Movement: How attackers quietly traverse your NetworkEC-Council
 
Malware collection and analysis
Malware collection and analysisMalware collection and analysis
Malware collection and analysisChong-Kuan Chen
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?Dmitry Evteev
 
Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014Chong-Kuan Chen
 
Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisInside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisChong-Kuan Chen
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareNatraj G
 
BlueHat v18 || A turla gift - popping calc.exe by sending an email
BlueHat v18 || A turla gift - popping calc.exe by sending an emailBlueHat v18 || A turla gift - popping calc.exe by sending an email
BlueHat v18 || A turla gift - popping calc.exe by sending an emailBlueHat Security Conference
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...grecsl
 
Defcon 22-philip-young-from-root-to-special-hacking-ibm-main
Defcon 22-philip-young-from-root-to-special-hacking-ibm-mainDefcon 22-philip-young-from-root-to-special-hacking-ibm-main
Defcon 22-philip-young-from-root-to-special-hacking-ibm-mainPriyanka Aash
 
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...Malachi Jones
 
Defcon 22-jesus-molina-learn-how-to-control-every-room
Defcon 22-jesus-molina-learn-how-to-control-every-roomDefcon 22-jesus-molina-learn-how-to-control-every-room
Defcon 22-jesus-molina-learn-how-to-control-every-roomPriyanka Aash
 
The Dark Side of PowerShell by George Dobrea
The Dark Side of PowerShell by George DobreaThe Dark Side of PowerShell by George Dobrea
The Dark Side of PowerShell by George DobreaEC-Council
 
Sticky Keys to the Kingdom
Sticky Keys to the KingdomSticky Keys to the Kingdom
Sticky Keys to the KingdomDennis Maldonado
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
CSW2017 Geshev+Miller logic bug hunting in chrome on android
CSW2017 Geshev+Miller logic bug hunting in chrome on androidCSW2017 Geshev+Miller logic bug hunting in chrome on android
CSW2017 Geshev+Miller logic bug hunting in chrome on androidCanSecWest
 
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesIoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesPriyanka Aash
 
DevSecCon Singapore 2018 - System call auditing made effective with machine l...
DevSecCon Singapore 2018 - System call auditing made effective with machine l...DevSecCon Singapore 2018 - System call auditing made effective with machine l...
DevSecCon Singapore 2018 - System call auditing made effective with machine l...DevSecCon
 
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...Priyanka Aash
 
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...CODE BLUE
 
Billions & Billions of Logs
Billions & Billions of LogsBillions & Billions of Logs
Billions & Billions of LogsJack Crook
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombPriyanka Aash
 
Basic Malware Analysis
Basic Malware AnalysisBasic Malware Analysis
Basic Malware AnalysisAlbert Hui
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware AnalysisAndrew McNicol
 
Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...
Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...
Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...Priyanka Aash
 
Malware Analysis Tips and Tricks.pdf
Malware Analysis Tips and Tricks.pdfMalware Analysis Tips and Tricks.pdf
Malware Analysis Tips and Tricks.pdfYushimon
 

Mais conteúdo relacionado

Mais procurados

Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisInside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisChong-Kuan Chen
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareNatraj G
 
BlueHat v18 || A turla gift - popping calc.exe by sending an email
BlueHat v18 || A turla gift - popping calc.exe by sending an emailBlueHat v18 || A turla gift - popping calc.exe by sending an email
BlueHat v18 || A turla gift - popping calc.exe by sending an emailBlueHat Security Conference
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...grecsl
 
Defcon 22-philip-young-from-root-to-special-hacking-ibm-main
Defcon 22-philip-young-from-root-to-special-hacking-ibm-mainDefcon 22-philip-young-from-root-to-special-hacking-ibm-main
Defcon 22-philip-young-from-root-to-special-hacking-ibm-mainPriyanka Aash
 
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...Malachi Jones
 
Defcon 22-jesus-molina-learn-how-to-control-every-room
Defcon 22-jesus-molina-learn-how-to-control-every-roomDefcon 22-jesus-molina-learn-how-to-control-every-room
Defcon 22-jesus-molina-learn-how-to-control-every-roomPriyanka Aash
 
The Dark Side of PowerShell by George Dobrea
The Dark Side of PowerShell by George DobreaThe Dark Side of PowerShell by George Dobrea
The Dark Side of PowerShell by George DobreaEC-Council
 
Sticky Keys to the Kingdom
Sticky Keys to the KingdomSticky Keys to the Kingdom
Sticky Keys to the KingdomDennis Maldonado
 
CSW2017 Geshev+Miller logic bug hunting in chrome on android
CSW2017 Geshev+Miller logic bug hunting in chrome on androidCSW2017 Geshev+Miller logic bug hunting in chrome on android
CSW2017 Geshev+Miller logic bug hunting in chrome on androidCanSecWest
 
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesIoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesPriyanka Aash
 
DevSecCon Singapore 2018 - System call auditing made effective with machine l...
DevSecCon Singapore 2018 - System call auditing made effective with machine l...DevSecCon Singapore 2018 - System call auditing made effective with machine l...
DevSecCon Singapore 2018 - System call auditing made effective with machine l...DevSecCon
 
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...Priyanka Aash
 
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...CODE BLUE
 
Billions & Billions of Logs
Billions & Billions of LogsBillions & Billions of Logs
Billions & Billions of LogsJack Crook
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombPriyanka Aash
 
Basic Malware Analysis
Basic Malware AnalysisBasic Malware Analysis
Basic Malware AnalysisAlbert Hui
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware AnalysisAndrew McNicol
 

Mais procurados (20)

Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014
 
Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisInside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
 
Basic Dynamic Analysis of Malware
Basic Dynamic Analysis of MalwareBasic Dynamic Analysis of Malware
Basic Dynamic Analysis of Malware
 
BlueHat v18 || A turla gift - popping calc.exe by sending an email
BlueHat v18 || A turla gift - popping calc.exe by sending an emailBlueHat v18 || A turla gift - popping calc.exe by sending an email
BlueHat v18 || A turla gift - popping calc.exe by sending an email
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
 
Defcon 22-philip-young-from-root-to-special-hacking-ibm-main
Defcon 22-philip-young-from-root-to-special-hacking-ibm-mainDefcon 22-philip-young-from-root-to-special-hacking-ibm-main
Defcon 22-philip-young-from-root-to-special-hacking-ibm-main
 
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...
Automated In-memory Malware/Rootkit Detection via Binary Analysis and Machin...
 
Defcon 22-jesus-molina-learn-how-to-control-every-room
Defcon 22-jesus-molina-learn-how-to-control-every-roomDefcon 22-jesus-molina-learn-how-to-control-every-room
Defcon 22-jesus-molina-learn-how-to-control-every-room
 
The Dark Side of PowerShell by George Dobrea
The Dark Side of PowerShell by George DobreaThe Dark Side of PowerShell by George Dobrea
The Dark Side of PowerShell by George Dobrea
 
Sticky Keys to the Kingdom
Sticky Keys to the KingdomSticky Keys to the Kingdom
Sticky Keys to the Kingdom
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
 
CSW2017 Geshev+Miller logic bug hunting in chrome on android
CSW2017 Geshev+Miller logic bug hunting in chrome on androidCSW2017 Geshev+Miller logic bug hunting in chrome on android
CSW2017 Geshev+Miller logic bug hunting in chrome on android
 
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case StudiesIoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
IoT Malware: Comprehensive Survey, Analysis Framework and Case Studies
 
DevSecCon Singapore 2018 - System call auditing made effective with machine l...
DevSecCon Singapore 2018 - System call auditing made effective with machine l...DevSecCon Singapore 2018 - System call auditing made effective with machine l...
DevSecCon Singapore 2018 - System call auditing made effective with machine l...
 
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
From Thousands of Hours to a Couple of Minutes: Automating Exploit Generation...
 
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...
PANDEMONIUM: Automated Identification of Cryptographic Algorithms using Dynam...
 
Billions & Billions of Logs
Billions & Billions of LogsBillions & Billions of Logs
Billions & Billions of Logs
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
 
Basic Malware Analysis
Basic Malware AnalysisBasic Malware Analysis
Basic Malware Analysis
 
Introduction to Malware Analysis
Introduction to Malware AnalysisIntroduction to Malware Analysis
Introduction to Malware Analysis
 

Semelhante a BlueHat v18 || Protecting the protector, hardening machine learning defenses against adversarial attacks

Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...
Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...
Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...Priyanka Aash
 
Malware Analysis Tips and Tricks.pdf
Malware Analysis Tips and Tricks.pdfMalware Analysis Tips and Tricks.pdf
Malware Analysis Tips and Tricks.pdfYushimon
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsYulian Slobodyan
 
Stuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedStuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedYury Chemerkin
 
Can we induce change with what we measure?
Can we induce change with what we measure?Can we induce change with what we measure?
Can we induce change with what we measure?Michaela Greiler
 
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...BlueHat Security Conference
 
B4UConference_machine learning_deeplearning
B4UConference_machine learning_deeplearningB4UConference_machine learning_deeplearning
B4UConference_machine learning_deeplearningHoa Le
 
Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chanceDr. Anish Cheriyan (PhD)
 
How to Manage the Risk of your Polyglot Environments
How to Manage the Risk of your Polyglot EnvironmentsHow to Manage the Risk of your Polyglot Environments
How to Manage the Risk of your Polyglot EnvironmentsDevOps.com
 
Application of Machine Learning in Cybersecurity
Application of Machine Learning in CybersecurityApplication of Machine Learning in Cybersecurity
Application of Machine Learning in CybersecurityPratap Dangeti
 
Building functional Quality Gates with ReportPortal
Building functional Quality Gates with ReportPortalBuilding functional Quality Gates with ReportPortal
Building functional Quality Gates with ReportPortalDmitriy Gumeniuk
 
Navy security contest-bigdataforsecurity
Navy security contest-bigdataforsecurityNavy security contest-bigdataforsecurity
Navy security contest-bigdataforsecuritystelligence
 
Security best practices
Security best practicesSecurity best practices
Security best practicesAVEVA
 
How to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksHow to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksMicrosoft
 
CSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri DiogenesCSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri DiogenesNCCOMMS
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best PracticesClint Edmonson
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOpsBlack Duck by Synopsys
 
STRIDE: Digging Vulnerability by Threat Modelling
STRIDE: Digging Vulnerability by Threat ModellingSTRIDE: Digging Vulnerability by Threat Modelling
STRIDE: Digging Vulnerability by Threat ModellingMohammad Febri
 
Certification Study Group - NLP & Recommendation Systems on GCP Session 5
Certification Study Group - NLP & Recommendation Systems on GCP Session 5Certification Study Group - NLP & Recommendation Systems on GCP Session 5
Certification Study Group - NLP & Recommendation Systems on GCP Session 5gdgsurrey
 

Semelhante a BlueHat v18 || Protecting the protector, hardening machine learning defenses against adversarial attacks (20)

Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...
Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...
Protecting the Protector, Hardening Machine Learning Defenses Against Adversa...
 
Malware Analysis Tips and Tricks.pdf
Malware Analysis Tips and Tricks.pdfMalware Analysis Tips and Tricks.pdf
Malware Analysis Tips and Tricks.pdf
 
Security Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and ToolsSecurity Training: #3 Threat Modelling - Practices and Tools
Security Training: #3 Threat Modelling - Practices and Tools
 
Stuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedStuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learned
 
Can we induce change with what we measure?
Can we induce change with what we measure?Can we induce change with what we measure?
Can we induce change with what we measure?
 
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
BlueHat Seattle 2019 || The good, the bad & the ugly of ML based approaches f...
 
B4UConference_machine learning_deeplearning
B4UConference_machine learning_deeplearningB4UConference_machine learning_deeplearning
B4UConference_machine learning_deeplearning
 
spamzombieppt
spamzombiepptspamzombieppt
spamzombieppt
 
Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chance
 
How to Manage the Risk of your Polyglot Environments
How to Manage the Risk of your Polyglot EnvironmentsHow to Manage the Risk of your Polyglot Environments
How to Manage the Risk of your Polyglot Environments
 
Application of Machine Learning in Cybersecurity
Application of Machine Learning in CybersecurityApplication of Machine Learning in Cybersecurity
Application of Machine Learning in Cybersecurity
 
Building functional Quality Gates with ReportPortal
Building functional Quality Gates with ReportPortalBuilding functional Quality Gates with ReportPortal
Building functional Quality Gates with ReportPortal
 
Navy security contest-bigdataforsecurity
Navy security contest-bigdataforsecurityNavy security contest-bigdataforsecurity
Navy security contest-bigdataforsecurity
 
Security best practices
Security best practicesSecurity best practices
Security best practices
 
How to protect your corporate from advanced attacks
How to protect your corporate from advanced attacksHow to protect your corporate from advanced attacks
How to protect your corporate from advanced attacks
 
CSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri DiogenesCSF18 - Incident Response in the Cloud - Yuri Diogenes
CSF18 - Incident Response in the Cloud - Yuri Diogenes
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
 
STRIDE: Digging Vulnerability by Threat Modelling
STRIDE: Digging Vulnerability by Threat ModellingSTRIDE: Digging Vulnerability by Threat Modelling
STRIDE: Digging Vulnerability by Threat Modelling
 
Certification Study Group - NLP & Recommendation Systems on GCP Session 5
Certification Study Group - NLP & Recommendation Systems on GCP Session 5Certification Study Group - NLP & Recommendation Systems on GCP Session 5
Certification Study Group - NLP & Recommendation Systems on GCP Session 5
 

Mais de BlueHat Security Conference

BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...BlueHat Security Conference
 
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One StoryBlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One StoryBlueHat Security Conference
 
BlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
BlueHat Seattle 2019 || Kubernetes Practical Attack and DefenseBlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
BlueHat Seattle 2019 || Kubernetes Practical Attack and DefenseBlueHat Security Conference
 
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come aloneBlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come aloneBlueHat Security Conference
 
BlueHat Seattle 2019 || Modern Binary Analysis with ILs
BlueHat Seattle 2019 || Modern Binary Analysis with ILsBlueHat Seattle 2019 || Modern Binary Analysis with ILs
BlueHat Seattle 2019 || Modern Binary Analysis with ILsBlueHat Security Conference
 
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.BlueHat Security Conference
 
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Security Conference
 
BlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
BlueHat Seattle 2019 || Autopsies of Recent DFIR InvestigationsBlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
BlueHat Seattle 2019 || Autopsies of Recent DFIR InvestigationsBlueHat Security Conference
 
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...BlueHat Security Conference
 
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...BlueHat Security Conference
 
BlueHat v18 || First strontium uefi rootkit unveiled
BlueHat v18 || First strontium uefi rootkit unveiledBlueHat v18 || First strontium uefi rootkit unveiled
BlueHat v18 || First strontium uefi rootkit unveiledBlueHat Security Conference
 
BlueHat v18 || WSL reloaded - Let's try to do better fuzzing
BlueHat v18 || WSL reloaded - Let's try to do better fuzzingBlueHat v18 || WSL reloaded - Let's try to do better fuzzing
BlueHat v18 || WSL reloaded - Let's try to do better fuzzingBlueHat Security Conference
 
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxyBlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxyBlueHat Security Conference
 
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windowsBlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windowsBlueHat Security Conference
 
BlueHat v18 || Memory resident implants - code injection is alive and well
BlueHat v18 || Memory resident implants - code injection is alive and wellBlueHat v18 || Memory resident implants - code injection is alive and well
BlueHat v18 || Memory resident implants - code injection is alive and wellBlueHat Security Conference
 
BlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat Security Conference
 
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat Security Conference
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat Security Conference
 
BlueHat v18 || An ice-cold boot to break bit locker
BlueHat v18 || An ice-cold boot to break bit lockerBlueHat v18 || An ice-cold boot to break bit locker
BlueHat v18 || An ice-cold boot to break bit lockerBlueHat Security Conference
 

Mais de BlueHat Security Conference (20)

BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
BlueHat Seattle 2019 || The cake is a lie! Uncovering the secret world of mal...
 
BlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || KeynoteBlueHat Seattle 2019 || Keynote
BlueHat Seattle 2019 || Keynote
 
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One StoryBlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
BlueHat Seattle 2019 || Guarding Against Physical Attacks: The Xbox One Story
 
BlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
BlueHat Seattle 2019 || Kubernetes Practical Attack and DefenseBlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
BlueHat Seattle 2019 || Kubernetes Practical Attack and Defense
 
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come aloneBlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
BlueHat Seattle 2019 || Open Source Security, vulnerabilities never come alone
 
BlueHat Seattle 2019 || Modern Binary Analysis with ILs
BlueHat Seattle 2019 || Modern Binary Analysis with ILsBlueHat Seattle 2019 || Modern Binary Analysis with ILs
BlueHat Seattle 2019 || Modern Binary Analysis with ILs
 
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
BlueHat Seattle 2019 || Don't forget to SUBSCRIBE.
 
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure ADBlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
BlueHat Seattle 2019 || I'm in your cloud: A year of hacking Azure AD
 
BlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
BlueHat Seattle 2019 || Autopsies of Recent DFIR InvestigationsBlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
BlueHat Seattle 2019 || Autopsies of Recent DFIR Investigations
 
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
BlueHat Seattle 2019 || Are We There Yet: Why Does Application Security Take ...
 
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
BlueHat Seattle 2019 || Building Secure Machine Learning Pipelines: Security ...
 
BlueHat v18 || First strontium uefi rootkit unveiled
BlueHat v18 || First strontium uefi rootkit unveiledBlueHat v18 || First strontium uefi rootkit unveiled
BlueHat v18 || First strontium uefi rootkit unveiled
 
BlueHat v18 || WSL reloaded - Let's try to do better fuzzing
BlueHat v18 || WSL reloaded - Let's try to do better fuzzingBlueHat v18 || WSL reloaded - Let's try to do better fuzzing
BlueHat v18 || WSL reloaded - Let's try to do better fuzzing
 
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxyBlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
BlueHat v18 || The hitchhiker's guide to north korea's malware galaxy
 
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windowsBlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
BlueHat v18 || Retpoline - the anti-spectre (type 2) mitigation in windows
 
BlueHat v18 || Memory resident implants - code injection is alive and well
BlueHat v18 || Memory resident implants - code injection is alive and wellBlueHat v18 || Memory resident implants - code injection is alive and well
BlueHat v18 || Memory resident implants - code injection is alive and well
 
BlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without deviceBlueHat v18 || Massive scale usb device driver fuzz without device
BlueHat v18 || Massive scale usb device driver fuzz without device
 
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
BlueHat v18 || Modern day entomology - examining the inner workings of the bu...
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deception
 
BlueHat v18 || An ice-cold boot to break bit locker
BlueHat v18 || An ice-cold boot to break bit lockerBlueHat v18 || An ice-cold boot to break bit locker
BlueHat v18 || An ice-cold boot to break bit locker
 

Último

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Último (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 

BlueHat v18 || Protecting the protector, hardening machine learning defenses against adversarial attacks

  • 1. Jugal Parikh, Senior Data Scientist Holly Stewart, Principal Research Manager Randy Treit, Senior Researcher
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. W i n d o w s D e f e n d e r E n d p o i n t P r o t e c t i o n E n d p o i n t P r o t e c t i o n Blocks low reputation web downloads Blocks malicious websites W i n d o w s D e f e n d e r E n d p o i n t D e t e c t i o n a n d R e s p o n s e D e t e c t i o n a n d R e m e d i a t i o n After execution - Windows Defender ATP monitors for post-breach signals After execution - Windows Defender Hexadite can reverse damage Blocks malicious programs and content (scripts, docs, etc.) W i n d o w s D e f e n d e r S m a r t S c r e e n Monitors behaviors and terminates bad processes Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing Results
  • 7. T h r e a t P r e d i c t R e s e a r c h T e a m Cloud Client O u r f o c u s : U s e m a c h i n e l e a r n i n g t o b l o c k a t t a c k s f o r W i n d o w s D e f e n d e r A T P
  • 8. Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing Results
  • 9. UNKNOWN UNKNOWNSEXPERTS→ LABELS→ ML→ PREDICTIONS ANOMALY DETECTION SUPERVISED UNSUPERVISED
  • 10. EXPERTS→ LABELS→ ML→ PREDICTIONS SUPERVISED
  • 11.
  • 12.
  • 13.
  • 14.
  • 16. No private brute forcing Minimal client performance impact
  • 17. Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing Results
  • 18. Machine attributes Dynamic and contextual attributes Static file attributes Example: Averaged perceptron model with > .90 probability = 0.0001% false positive rate Cloud Client
  • 19. Immunity from antimalware automation attacks
  • 20.  Synthetic traffic designed to quickly gain reputation on a digital certificate  Targeted Windows 8  Originally surfaced as a high percentage of traffic that wasn’t classified  Low-volume and unsigned file attacks were also identified during investigation 30% 40% 50% 60% 70% 80% 90% 100% 2/15 2/17 2/19 2/21 2/23 2/25 2/27 2/29 3/2 3/4 3/6 3/8 3/10 3/12 3/14 Percent Classified Traffic Win10 Win8 Win7
  • 21.  Attackers guessed major features (time, traffic, digital certificate)  Team developed complementary models with additional features that filtered fake traffic out of telemetry  Combination of models removed attack traffic from training data 60% 65% 70% 75% 80% 85% 90% 95% 100% 2/7/2017 2/12/2017 2/17/2017 2/22/2017 2/27/2017 3/4/2017 3/9/2017 3/14/2017 3/19/2017 3/24/2017 3/29/2017 4/3/2017 4/8/2017 4/13/2017 4/18/2017 4/23/2017 4/28/2017 5/3/2017 Percent Classified with and without Complementary Models
  • 22.  Research on adversarial attacks against deep learning classifiers  Showed that an ensemble of classifiers helped defend against the attacks tested in the paper  See more at: Attack and Defense of Dynamic Analysis-Based, Adversarial Neural Malware Classification Models Jack W. Stokes, De Wang, Mady Marinescu, Marc Marino, Brian Bussone https://arxiv.org/abs/1712.05919 Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing ResultsEnsemble Model Development and Testing
  • 23. Ensemble Model Development and Testing Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
  • 24. 1 1 Wolpert, David H. "Stacked generalization." Neural networks 5.2 (1992): 241-259.
  • 25. Dealing with:  Active adversarial attempts  Volatility in data distribution/ Covariate Shift  Noisy environment Scale:  Petabytes of threat Intelligence daily Evaluate:  ~2.3 Billion global queries everyday
  • 26. Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
  • 28. Process and installation ProcessName ParentProcess TriggeringSignal TriggeringFile Download IP and URL Parent/child relationships Machine attributes Partial and Fuzzy hashes ClusterHash ImportHash Fuzzy hashes Full File Content Header Footer Raw file content File properties File Geometry FileSize FileMetaData …. Signer info Issuer Publisher Signer Behavioral Connection IP System changes API calls Process injection Locale Locale setting Geographical location Behavioral and contextual attributes Static file attributes OS version Processor Security settings Features - Highly dimensional data Researcher Expertise 10k+ researcher attributes 100k+ static attributes 10k+ behavioral attributes Feature Set Training Algorithms Training Data Sets Optimization Settings
  • 29.  Different feature sets  Different training algorithms and data sets
  • 30. Feature Set Learner # of Features PE Properties Fast Tree Ensemble 10K+ features Researcher Expertise Boosted Tree Ensemble 190K+ features Behavioral Boosted Tree Ensemble 6M+ features Fuzzy Hash 1 Random Forest 512+ features Fuzzy Hash 2 SDCA 10M+ features Static, Dynamic and Contextual Averaged Perceptron 16M+ features Researcher Expertise, Fuzzy Hash Averaged Perceptron 12M+ features File Emulation DNN 150K+ features File Detonation DNN 10M+ features Feature Set Training Algorithms Training Data Sets Optimization Settings
  • 31.  Different feature sets  Different training algorithms and data sets  Different optimization settings based on threat scenarios
  • 32. Training Cadence: Classifiers:  Malware  Clean  Potentially unwanted software  File type (js, vbs, pdf, PE, etc) Target:  Commercial or consumer?  Organization specific Feature Set Training Algorithms Training Data Sets Optimization Settings
  • 33.
  • 35. Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
  • 37. Model Selection LightGBM !!! Averaged Perceptron !!! Logistic Regression!!! Fast Tree !!! XGBoost !!! DNN !!!
  • 39. Supervised Training Optimization Evaluation Train Validate Test
  • 42.
  • 43. Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
  • 44. Model evaluated on time-split test set Confusion table ||====================== PREDICTED || positive | negative | Recall TRUTH ||====================== positive || 2,177 | 21,182 | 0.0932 negative || 14,004 |2,097,228 | 0.9934 ||====================== Precision || 0.1345 | 0.9900 | OVERALL ACCURACY: 0.9835 Uncalibrated model evaluated on 60 mins real world data Confusion table ||====================== PREDICTED || positive | negative | Recall TRUTH ||====================== positive || 703,140 | 59,131 | 0.9224 negative || 2,1030 |8,013,623 | 0.9974 ||====================== Precision || 0.9710 | 0.9927 | OVERALL ACCURACY: 0.9811
  • 45. Ensemble ML Primer Diversity Requirements Developing the Model Testing the Model
  • 46.  Information from the label inadvertently works its way into the training features  Causes an overly optimistic assessment of generalization performance  Filtering features that correlate to the training labels Confusion table ||====================== PREDICTED || positive | negative | Recall TRUTH ||====================== positive || 703,140 | 59,131 | 0.9224 negative || 2,1030 |8,013,623 | 0.9974 ||====================== Precision || 0.9710 | 0.9927 | OVERALL ACCURACY: 0.9811 Confusion table ||====================== PREDICTED || positive | negative | Recall TRUTH ||====================== positive || 625,324 | 136,947 | 0.8203 negative || 29,540 |8,005,113 | 0.9963 ||====================== Precision || 0.9549 | 0.9832 | OVERALL ACCURACY: 0.9668 With some data leaks Filtering known data leaks
  • 47.  Not all Base Classifiers classify every threat scenario  What you can do:  Retain each instance (don’t toss them)  Adding Boolean features indicating which classifiers returned a value  Cross Join between features Model Probability Verdict FileEmulation1 N/A Unknown FileDetonation N/A Unknown FuzzyHash1 N/A Unknown FuzzyHash2 0.014020299 Clean CloudClassifier1 N/A Unknown CloudClassifier2 N/A Unknown CloudClassifier3 N/A Unknown CloudClassifier4 N/A Unknown CloudClassifier5 N/A Unknown CloudClassifier6 N/A Unknown . . . . . . . . . ResearcherExpertise 0.07285905 Clean PEPropertiesClassifier N/A Unknown FileMetaDataClassifier1 N/A Unknown FileMetaDataClassifier2 N/A Unknown FileMetaDataClassifier3 N/A Unknown BehavioralClassifier1 N/A Unknown BehavioralClassifier2 N/A Unknown Stacked Ensemble 0.92 Malware
  • 48.  Adding K-means distance for each instance from the centroid of each cluster as an input feature
  • 49.  Control # training samples  Control ratio of clean/malware (label distribution)  Continuous monitoring of incoming telemetry to catch anomalies/ outliers before training Time
  • 51.
  • 52. Machine attributes Dynamic and contextual attributes Static file attributes Example: Averaged perceptron model with > .90 probability = 0.0001% false positive rate Cloud Client
  • 53.
  • 54. Ratio of number of instances perturbed Flipping top 2 Feature Values
  • 55. Machine attributes Dynamic and contextual attributes Static file attributes Example: Averaged perceptron model with > .90 probability = 0.0001% false positive rate Cloud Client
  • 56. Supervised Training Adding Rogue Features
  • 57. # of Random Classifiers False Positive Rate True Positive Rate 0 0.8746% 96.1824% 2 0.8834% 96.1222% 4 0.8912% 96.0385% 6 0.8939% 95.8932% 8 0.8974% 95.8462% 10 0.9131% 95.8462% The classifier can detect these random noises and the performance drop is negligible.
  • 58.
  • 59. Cloud Client # of instances Label distribution Label sources Model gates Model monitoring Overall block monitoring Anomaly alerts Update features Identify feature evasion Unsupervised learning
  • 60. Introduction ML Primer Adversarial Attacks Ensemble Model Development and Testing ResultsEnsemble Model Development and Testing
  • 61. Other Cloud Blocks 88% Ensemble Blocks 12% Archive 4% Documents and macros 8% Other (1k+ types) PE File 68% Shortcut 11% Signed PE File 3% VBS 3%
  • 63. Filters out noisy signals from an occasionally underperforming model Increases predictive power with easy interpretability Adds resilience against attacks on individual models
  • 64.
  • 65.  Small-scale attack in Central and Western Canada  Most targets reached within 5 ½ hours  73% of targets were commercial
  • 66.
  • 67. Model Probability Verdict PDFClassifier - Unknown NonPEClassifier - Unknown CloudModel3 0.06 Clean? FuzzyHash1 0.07 Clean? FuzzyHash2 0.08 Clean? ResearchExpertise 0.99 Malware Ensemble1 0.27 ~Sketchy Ensemble2 0.84 Sketchy! Ensemble3 0.91 Malware Client Cloud
  • 68.
  • 69. Model Probability Verdict FuzzyHash2 0.06 Clean? Ensemble1 0.27 ~Sketchy JsModel 0.52 Sketchy! ResearchExpertise 0.64 Sketchy! Ensemble3 0.91 Malware Client Cloud vNSAml.js
  • 70.
  • 71.  Daewoo Chong (Windows Defender ATP Research)  Christian Seifert (Windows Defender ATP Research)  Allan Sepillo (Windows Defender ATP Research)  Bhavna Soman (Windows Defender ATP Research)  Jay Stokes (Microsoft Research)  Maria Vlachopoulou (Windows Defender ATP Research)  Samuel Wakasugui (Windows Defender ATP Research)
  • 72. Today’s presentation All data and charts, unless otherwise noted, is from Microsoft. Blog: https://aka.ms/hardening-ML Upcoming conference presentations Virus Bulletin 2018 (Montreal): Starving malware authors through dynamic classification Karishma Sanghvi (Microsoft), Joe Blackbird (Microsoft) Blog Posts and Other References Antivirus evolved Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses How artificial intelligence stopped an Emotet outbreak Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign Machine Learning vs. Social Engineering Whitepaper: The Evolution of Malware Prevention
  • 73. Client-based machine learning is susceptible to brute force attacks After you deploy, ensure you have monitors to alert on potential tampering Consider the various vectors of attack, identify most likely vectors, then test them Build a diverse set of complementary models, then add an ensemble layer