Welcome to BSidesLV 2016, our 8th annual BSides in beautiful Las Vegas, Nevada!
Tuesday, August 2 • 15:00 - 15:55
Defeating Machine Learning: Systemic Deficiencies for Detecting Malware

Malware detection tools have evolved significantly over the last several decades in response to increasingly complex threats. Machine learning has emerged as a particularly robust solution and is often touted as the ultimate zero-day malware detection technology. As adoption increases, it is important to recognize and explore shortcomings and vulnerabilities of machine learning solutions.

In this talk, we discuss several of these shortcomings and attempt to dispel the false sense of security surrounding the use of the term “machine learning”. We then do a deep dive into a particular vulnerability that is systemic to virtually all malware detection technologies – that defeating one instance of a security solution allows an attacker to defeat all deployed instances. This stems from the fact that previous and current solutions (*including* those that employ machine learning) distribute identical deployments.

We propose a new deployment paradigm that addresses the shared deployment problem above, ensuring near-equal efficacy but high diversity among security solution deployments. We then present promising comparative results between machine learning classifiers trained and distributed using this paradigm vs. classifiers trained using traditional methods.

Wes Connell

Threat Researcher, BluVector
I'm especially motivated and passionate for dramatically improving data hunting tradecraft within the cyber security domain. I have a very broad range of technical interests - particularly in the security dimension of hardware, software, systems, and networks. When I'm not hacking the planet, I enjoy playing more golf than is healthy and painfully rooting for the Washington Capitals.
Ryan Peters

Applied Data Scientist, BluVector
Ryan Peters is a data scientist and software engineer at BluVector, developing machine learning approaches for malware detection. He holds a Bachelor's degree in Biomedical Engineering from Case Western Reserve University and a Master's degree in Biomedical Engineering from Duke University with a focus on computational modeling.

Tuesday August 2, 2016 15:00 - 15:55
Ground Truth Florentine F