BSidesLV 2016 has ended
Welcome to BSidesLV 2016, our 8th annual BSides in beautiful Las Vegas, Nevada!
Tuesday, August 2 • 15:00 - 15:55
Defeating Machine Learning: Systemic Deficiencies for Detecting Malware


Malware detection tools have evolved significantly over the last several decades in response to increasingly complex threats. Machine learning has emerged as a particularly robust solution and is often touted as the ultimate zero-day malware detection technology. As adoption increases, it is important to recognize and explore shortcomings and vulnerabilities of machine learning solutions.

In this talk, we discuss several of these shortcomings and attempt to dispel the false sense of security surrounding the use of the term “machine learning”. We then do a deep dive into a particular vulnerability that is systemic to virtually all malware detection technologies – that defeating one instance of a security solution allows an attacker to defeat all deployed instances. This stems from the fact that previous and current solutions (*including* those that employ machine learning) distribute identical deployments.

We propose a new deployment paradigm that addresses the shared deployment problem above, ensuring near-equal efficacy but high diversity among security solution deployments. We then present promising comparative results between machine learning classifiers trained and distributed using this paradigm vs. classifiers trained using traditional methods.

Wes Connell

Threat Researcher, BluVector
I'm especially motivated and passionate for dramatically improving data hunting tradecraft within the cyber security domain. I have a very broad range of technical interests - particularly in the security dimension of hardware, software, systems, and networks. When I'm not hacking...

Ryan Peters

Applied Data Scientist, BluVector
Ryan Peters is a data scientist and software engineer at BluVector, developing machine learning approaches for malware detection. He holds a Bachelor's degree in Biomedical Engineering from Case Western Reserve University and a Master's degree in Biomedical Engineering from Duke...

Tuesday August 2, 2016 15:00 - 15:55 PDT
Ground Truth Florentine F