dc.contributor.author: Dumitras, Tudor
dc.date.accessioned: 2017-10-11T16:25:35Z
dc.date.available: 2017-10-11T16:25:35Z
dc.date.issued: 2017-09-29
dc.identifier.uri: http://hdl.handle.net/1853/58827
dc.description: Presented on September 29, 2017 at 12:00 p.m. in the Klaus Advanced Computing Building, Room 1116W. [en_US]
dc.description: Tudor Dumitras is an Assistant Professor in the Electrical & Computer Engineering Department at the University of Maryland, College Park. His research focuses on Big Data approaches to problems in system security and dependability. [en_US]
dc.description: Runtime: 65:11 minutes [en_US]
dc.description.abstract: The detection of malware and network attacks increasingly relies on machine learning techniques, which utilize multiple features to separate the malicious and benign behaviors. The effectiveness of these techniques primarily depends on the feature engineering process, which is based on human knowledge and intuition. However, given the adversaries’ efforts to evade detection and the growing volume of security reports and publications, the human-driven feature engineering likely draws from a fraction of the relevant knowledge. In this talk, I will present an approach to engineer such features automatically, by mining natural language documents such as research papers, industry reports and hacker forums. We utilize techniques inspired by IBM’s Watson question answering system, and we address challenges and opportunities specific to the security domain. As a proof of concept, we train a classifier with automatically engineered features for detecting Android malware, and we achieve a performance comparable to that of a state-of-the-art malware detector, which uses manually engineered features. In addition, our techniques can suggest informative features that are absent from the manually engineered set, and they can link the features generated to human-understandable concepts that describe malware behaviors. Finally, I will discuss the remaining challenges for automatically extracting semantic security insights from natural language and the opportunities that this direction opens for understanding and predicting adversary behaviors. [en_US]
dc.format.extent: 65:11 minutes
dc.language.iso: en_US [en_US]
dc.publisher: Georgia Institute of Technology [en_US]
dc.relation.ispartofseries: Cybersecurity Lecture Series [en_US]
dc.subject: Feature engineering [en_US]
dc.subject: Machine learning [en_US]
dc.subject: Security [en_US]
dc.title: Automatic Feature Engineering: Learning to Detect Malware by Mining the Scientific Literature [en_US]
dc.type: Lecture [en_US]
dc.type: Video [en_US]
dc.contributor.corporatename: Georgia Institute of Technology. Institute for Information Security & Privacy [en_US]
dc.contributor.corporatename: University of Maryland. Dept. of Electrical and Computer Engineering [en_US]

