Session

Revisiting Concept Drift Detection in Malware Classification

While machine learning for malware classification shows encouraging results, real deployments suffer from performance degradation as malware authors adapt their techniques to evade detection. This evolution of malware results in a phenomenon known as concept drift as new test examples diverge further and further from the original training distribution. One promising method to cope with this phenomenon is classification with rejection in which examples that are likely to be misclassified are instead quarantined until they can be expertly analyzed.

In this talk we present an extension of TRANSCEND, a recently proposed framework for performing rejection based on conformal prediction theory. To aid practitioners, we determine the optimal operational settings for a TRANSCEND deployment, show how it can be applied to many popular learning algorithms, and discuss two additional conformal evaluators which surpass the original in terms of performance and computational cost.

 

Biography

Feargus is a PhD cybersecurity student with the Systems Security Research Lab at King’s College London and the Information Security Group at Royal Holloway, University of London where his research explores the limitations of machine learning when applied to security settings. He is supervised by Prof. Lorenzo Cavallaro and Prof. Johannes Kinder.

Feargus was recently a visiting student at The Alan Turing Institute, the UK’s national institute for data science and artificial intelligence and was previously a PhD intern with the Abusive Accounts Detection team at Facebook where he developed novel techniques for tracking adversarial behaviour on its social media platforms.

He is also the author and maintainer of TESSERACT, a framework and Python library for performing sound ML-based evaluations without experimental bias, and a core author and maintainer of TRANSCEND, a framework for detecting concept drift using conformal evaluation. 

Latest news

3 reasons you need to be at CyberSec&AI ...

Partnerships and collaborations drive progress and technological advances. With travel restrictions ...

Podcast: Avast’s Michal Pechoucek on what e...

Michal is one of the chief architects behind CyberSec&AI Connected, which takes place online on ...

Bobby Filar, Lead Data Scientist at Elastic, ...

Bobby Filar is the Lead Data Scientist at Elastic where he employs machine learning and natural lang...

Professor Lorenzo Cavallaro on adversarial ma...

Lorenzo leads the Systems Security Research Lab where he specializes in the intersection of program ...