Questions tagged [machine-learning]
How to use machine learning for security (e.g. for filtering or analytics) as well as security of machine learning systems (e.g. attempts to "fool" them).
30 questions
2 votes, 1 answer, 157 views
Does revealing semantic similarity scores between AES-encrypted data create an exploitable side channel?
Background: My expertise is in machine learning/AI, not cryptography, so I apologize if I'm missing fundamental security concepts. I'm trying to build a privacy-preserving AI agent system and want to ...
0 votes, 1 answer, 265 views
Can Deep Learning predict Encryption Keys in Elliptic Curve Diffie Hellman Ephemeral
I was talking to my friend who is building an AI startup, and his premise was that Deep Learning can somehow be used to predict, when fed the correct data (input) and run for multiple (n; n = large) ...
0 votes, 0 answers, 41 views
How to analyze code files (Java, PHP, Python) for malicious code? [duplicate]
How can we analyze files like .jar or .php or .py files for malicious code?
I need to automate the analysis process using machine learning. What should be the features in these cases?
1 vote, 1 answer, 168 views
Static malware analysis using machine learning
As you know, using machine learning we can detect malware.
We can use dynamic analysis based on WinAPI function calls and their arguments.
But what about static analysis using machine learning? In ...
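The two questions above (analysing .jar/.php/.py files for malicious code, and static malware analysis with machine learning) both come down to the same thing: what hand-crafted static features can be pulled out of a file without executing it. The following is an added example written for this page, not code from either question or its answers. It extracts a small feature vector (byte entropy, counts of suspicious API tokens, longest string literal, share of base64-looking runs) from three constructed samples; the token lists and the samples are assumptions for illustration, not an authoritative indicator catalogue or real malware. For a .jar it unpacks the zip and scores the entries rather than the compressed container.

```python
import io
import math
import re
import zipfile
from collections import Counter

# Indicator patterns per file type. This list is an assumption for the demo,
# a starting point rather than an authoritative or exhaustive catalogue.
SUSPICIOUS_TOKENS = {
    "py": [r"\beval\(", r"\bexec\(", r"\b__import__\(", r"base64\.b64decode",
           r"\bsubprocess\b", r"\bsocket\b", r"os\.system"],
    "php": [r"\beval\(", r"base64_decode", r"shell_exec", r"\bsystem\(",
            r"passthru", r"\bassert\(", r"gzinflate", r"str_rot13",
            r"\$_(GET|POST|REQUEST|COOKIE)"],
    "jar": [r"java/lang/Runtime", r"\bexec\b", r"ProcessBuilder",
            r"java/net/Socket", r"java/lang/reflect", r"defineClass"],
}


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; packed or encoded payloads push this towards 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def longest_string_literal(text: str) -> int:
    """Length of the longest quoted literal; encoded stages tend to hide in one huge string."""
    literals = re.findall(r"'[^'\n]*'|\"[^\"\n]*\"", text)
    return max((len(s) - 2 for s in literals), default=0)


def base64ish_ratio(text: str) -> float:
    """Share of the text made of long runs over the base64 alphabet."""
    runs = re.findall(r"[A-Za-z0-9+/=]{20,}", text)
    return sum(map(len, runs)) / max(len(text), 1)


def extract_features(name: str, data: bytes) -> dict:
    ext = name.rsplit(".", 1)[-1].lower()
    if ext == "jar":
        # A .jar is a zip archive: score the decompressed entries, not the container.
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            entries = [zf.read(info) for info in zf.infolist()]
        raw = b"".join(entries)
        text = raw.decode("latin-1")
    else:
        raw = data
        text = data.decode("utf-8", errors="replace")
    hits = {pat: len(re.findall(pat, text)) for pat in SUSPICIOUS_TOKENS.get(ext, [])}
    return {
        "ext": ext,
        "size": len(raw),
        "entropy": round(shannon_entropy(raw), 3),
        "suspicious_hits": sum(hits.values()),
        "distinct_suspicious": sum(1 for v in hits.values() if v),
        "longest_literal": longest_string_literal(text),
        "base64ish_ratio": round(base64ish_ratio(text), 3),
        "line_count": text.count("\n") + 1,
    }


# Constructed samples (not real malware): a harmless script, a PHP web-shell
# pattern, and a tiny in-memory jar whose "class" holds tell-tale strings.
BENIGN_PY = b"import json\n\ndef load(path):\n    with open(path) as f:\n        return json.load(f)\n"
WEBSHELL_PHP = b'<?php $c = $_POST["c"]; eval(base64_decode("ZWNobyBzaGVsbF9leGVjKCRjKTs=")); ?>\n'


def build_sample_jar() -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\nMain-Class: Dropper\n")
        # Stand-in for the constant-pool strings a real .class would contain.
        zf.writestr("Dropper.class", "java/lang/Runtime getRuntime exec ProcessBuilder java/net/Socket")
    return buf.getvalue()


def feature_table(samples: dict) -> dict:
    """name -> feature dict: the rows you would hand to a classifier."""
    return {name: extract_features(name, data) for name, data in samples.items()}


if __name__ == "__main__":
    rows = feature_table({"app.py": BENIGN_PY, "shell.php": WEBSHELL_PHP,
                          "dropper.jar": build_sample_jar()})
    for name, feats in rows.items():
        print(name, feats)
```

The dictionary returned per file is the feature row; a classifier is trained on many such rows with labels, and a token list like this is the part an attacker will learn to avoid, which is why entropy and literal-length features are kept alongside it. For the .jar case the strings come from the decompressed entries, so a class that only references `java/lang/Runtime` through reflection strings still scores, while one built at runtime from fragments does not.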
1 vote, 2 answers, 474 views
Can a machine learning model contain malicious code?
As interest in machine learning grows, it is becoming common for people without a background in data science, like myself, to grab models from sources such as HuggingFace and run them.
Now my ...
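The question above asks whether a downloaded model can carry malicious code. For the common pickle-based formats the answer is yes, because unpickling can import names and call them. The following is an added example, not code from the question or its answers: it builds a constructed pickle whose load step would call `os.system`, scans it statically with the standard library's `pickletools` without ever unpickling it, and shows a restricted unpickler that refuses all imports so plain dicts of numbers still load. The class `BoobyTrapped`, the helper names and the opcode list are this example's own assumptions.

```python
import io
import os
import pickle
import pickletools

# Opcodes that can make the unpickler import a name or invoke a callable.
# Any of these inside a "weights file" means loading it can run foreign code.
DANGEROUS_OPCODES = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ",
                     "NEWOBJ", "NEWOBJ_EX", "BUILD"}
STRING_OPCODES = {"SHORT_BINUNICODE", "BINUNICODE", "UNICODE",
                  "STRING", "SHORT_BINSTRING", "BINSTRING"}


class BoobyTrapped:
    """Constructed stand-in for a poisoned model object. Pickling it records a
    call to os.system that a plain pickle.loads() would execute on load."""

    def __reduce__(self):
        return (os.system, ("echo pwned",))


def build_malicious_pickle() -> bytes:
    return pickle.dumps(BoobyTrapped(), protocol=4)


def build_benign_pickle() -> bytes:
    # Containers of floats need no imports and no calls to be rebuilt.
    return pickle.dumps({"layer1.weight": [0.1, -0.2, 0.3], "layer1.bias": [0.0]},
                        protocol=4)


def scan_pickle(data: bytes) -> list:
    """Static scan: return (opcode, target) pairs that could execute code.
    Nothing is unpickled. For STACK_GLOBAL the module and name are the two
    string constants pushed just before it, so they are tracked to name the target."""
    findings = []
    recent_strings = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPCODES:
            recent_strings = (recent_strings + [arg])[-2:]
        if op.name in DANGEROUS_OPCODES:
            if op.name == "GLOBAL":
                target = arg                      # "module name" as one string
            elif op.name == "STACK_GLOBAL":
                target = ".".join(recent_strings)  # e.g. "posix.system"
            else:
                target = None
            findings.append((op.name, target))
    return findings


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse every global lookup. Numbers, strings, lists and dicts never need
    one, so a genuine blob of that shape still loads; anything else fails closed."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"refusing to import {module}.{name}")


def safe_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def safe_loads_rejects(data: bytes) -> bool:
    """True if the restricted loader refuses the data (used to check the trap)."""
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    for label, blob in (("benign", build_benign_pickle()),
                        ("malicious", build_malicious_pickle())):
        print(label, scan_pickle(blob), "rejected:", safe_loads_rejects(blob))
```

Real framework checkpoints do reference classes (tensor and storage types), so a production loader uses an allowlist in `find_class` rather than refusing everything; PyTorch's `torch.load(..., weights_only=True)` takes that approach. The scan-before-load step stays useful either way, and formats that cannot encode calls at all, such as safetensors, remove the problem at the source.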
1 vote, 1 answer, 174 views
Encrypted semantic search
I want to implement semantic search but in an encrypted fashion.
For storing passwords, we store Enc(password) in a database, and when a user logs in, we check if Enc(query) == entry in the database.
...
3 votes, 1 answer, 229 views
CWEs for Language Machine Learning Models
I'm looking for the relevant CWEs for specific attacks against prompt-based language ML models, such as GPT-3, GPT-4 etc.
Specifically:
Prompt Injection: Amending prompts with malicious input to ...
1 vote, 0 answers, 106 views
Are there any pretrained Malheur malware classification models or predefined datasets out there? [closed]
At my school's information security course we learned the basics of https://github.com/rieck/malheur
Are there any pretrained models? I imagine a use-case where I have several pretrained models then ...
1 vote, 2 answers, 208 views
How to source training data in ML for information security? [closed]
A company entrusts a Data Scientist with the mission of processing and valuing data for the research or treatment of events related to traces of computer attacks. I was wondering how would he get the ...
0 votes, 2 answers, 348 views
Can Machine Learning be utilized to identify and track IP Spoofing?
"IP Spoofing" refers to changing source IP addresses so that the attack appears to be coming from someone else.
When the victim replies to the address, it goes back to the spoofed address ...
1 vote, 0 answers, 167 views
Publicly Available PCAP dumps that associate IP addresses with Operating System? [closed]
I am currently working on a machine learning module to detect Operating Systems based on existing packet traffic in pcap file format. So far, I have generated some traffic of popular Operating Systems ...
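Whatever labelled pcap dataset the question above ends up with, the model needs per-packet features, and the classic ones for passive OS identification live in the TCP SYN: initial TTL (observed TTL rounded up to a common starting value), the DF bit, the advertised window, MSS, window scale, and the order of TCP options including NOP padding. The following is an added example, not code from the question or its answers. It builds two constructed IPv4+TCP SYN packets (no link layer) and parses them into a feature dict and a compact signature string. The option orders and values are chosen to illustrate that stacks differ; they are assumptions, not a fingerprint database, and real labels must come from the captured, OS-tagged traffic. Reading records out of a pcap file is left to a library such as dpkt or scapy; this block works on raw packet bytes.

```python
import struct

# TCP option kinds used below (RFC 793, RFC 7323, RFC 2018 numbering).
MSS, WSCALE, SACK_OK, TIMESTAMPS = 2, 3, 4, 8


def build_syn(ttl: int, window: int, options: bytes, df: bool = True) -> bytes:
    """Constructed IPv4+TCP SYN (no link layer) used as sample input."""
    options += b"\x00" * (-len(options) % 4)          # pad to a 32-bit boundary
    data_offset = 5 + len(options) // 4
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0,
                      data_offset << 4, 0x02, window, 0, 0) + options
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234,
                     0x4000 if df else 0, ttl, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return ip + tcp


def guess_initial_ttl(ttl: int) -> int:
    """Observed TTL is the initial TTL minus hops; round up to the common start values."""
    return next(t for t in (32, 64, 128, 255) if t >= ttl)


def syn_features(pkt: bytes) -> dict:
    ihl = (pkt[0] & 0x0F) * 4
    tcp = pkt[ihl:]
    if tcp[13] & 0x12 != 0x02:                        # SYN set, ACK clear
        raise ValueError("not a bare SYN")
    data_offset = (tcp[12] >> 4) * 4
    feats = {
        "ttl": pkt[8],
        "initial_ttl": guess_initial_ttl(pkt[8]),
        "df": bool(struct.unpack("!H", pkt[6:8])[0] & 0x4000),
        "window": struct.unpack("!H", tcp[14:16])[0],
        "mss": None, "wscale": None, "sack_ok": False, "timestamps": False,
        "opt_order": [],
    }
    opts = tcp[20:data_offset]
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                                 # end of option list
            feats["opt_order"].append("eol")
            break
        if kind == 1:                                 # NOP: where padding sits is itself a feature
            feats["opt_order"].append("nop")
            i += 1
            continue
        length = opts[i + 1]
        body = opts[i + 2:i + length]
        if kind == MSS:
            feats["mss"] = struct.unpack("!H", body)[0]
            feats["opt_order"].append("mss")
        elif kind == WSCALE:
            feats["wscale"] = body[0]
            feats["opt_order"].append("ws")
        elif kind == SACK_OK:
            feats["sack_ok"] = True
            feats["opt_order"].append("sok")
        elif kind == TIMESTAMPS:
            feats["timestamps"] = True
            feats["opt_order"].append("ts")
        else:
            feats["opt_order"].append(f"opt{kind}")
        i += length
    return feats


def signature(feats: dict) -> str:
    """Compact categorical label: initial TTL, DF, window, option order."""
    return (f"{feats['initial_ttl']}:{int(feats['df'])}:{feats['window']}:"
            f"{','.join(feats['opt_order'])}")


# Constructed SYNs from two imaginary stacks a few hops away.
SAMPLE_A = build_syn(ttl=57, window=64240,
                     options=b"\x02\x04\x05\xb4"          # MSS 1460
                             + b"\x04\x02"                # SACK permitted
                             + b"\x08\x0a" + b"\x00" * 8  # timestamps
                             + b"\x01"                    # NOP
                             + b"\x03\x03\x07")           # window scale 7
SAMPLE_B = build_syn(ttl=121, window=65535,
                     options=b"\x02\x04\x05\xb4"          # MSS 1460
                             + b"\x01" + b"\x03\x03\x08"  # NOP, window scale 8
                             + b"\x01\x01" + b"\x04\x02") # NOP, NOP, SACK permitted

if __name__ == "__main__":
    for pkt in (SAMPLE_A, SAMPLE_B):
        print(signature(syn_features(pkt)), syn_features(pkt))
```

The signature string is the kind of categorical feature a tree model handles well; the individual fields are what you would feed a model that has to generalise across MSS changes caused by the path (tunnels, PPPoE) rather than the OS. The same fields parsed from a SYN-ACK give the server-side view.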
1 vote, 0 answers, 159 views
Anonymous (privacy-preserving) random walk
Quoting this paper - SmartWalk (https://dl.acm.org/doi/pdf/10.1145/2976749.2978319):
For graph privacy, strong link privacy relies on deep perturbation to the original graph, indicating a large ...
0 votes, 2 answers, 372 views
What is the current state of author recognition software and what can be done about it?
I'm curious what the current state of author recognition software is, i.e. software that detects the author of a certain anonymous text based on a certain pool of texts obtained from elsewhere. This ...
1 vote, 2 answers, 290 views
What is the term for adding benign code/behavior to malware to evade antiviruses?
Some malware authors add benign code/behavior to their malware just to throw off antiviruses and IDSs which employ machine learning to detect malware. There is a name for this technique (and even a ...
1 vote, 0 answers, 331 views
FYP ideas in Applications of Machine Learning in Cyber Security domain [closed]
I am a Computer Science Engineering undergraduate aspiring to pursue a career in the field of cyber security. I have some experience in web application security, memory and network forensics fields. I ...