Session

Towards Explainable Representations of Malware Behavior

We address the problems of (a) detecting malware in network telemetry logs and (b) providing a comprehensible explanation of behavioral patterns that identify the malware. We develop a neural network which processes a sequence of events observed on a network host and detects the presence of malware. Shapley values are then used to highlight events that jointly constitute the characteristic behavioral pattern of the malware. We demonstrate this architecture on detection of the njRAT malware.

Biography

I am a Postdoc at the University of Potsdam. I received a Master’s Degree in Computer Science (Diplominformatiker) in 2010 and a Ph.D. (Dr. rer. nat.) in 2016 from the University of Potsdam. I am interested in machine learning. My current research interests lie in generative adversarial networks and data science. Machine learning has many diverse applications, and I am working on some of them: computer security (detection of malware, analysis of encrypted network traffic), precision medicine, and model-building for various applications.
