فهرست مطالب
Preface
Organization
Contents
Machine Learning for Security
STAN: Synthetic Network Traffic Generation with Generative Neural Models
1 Introduction
2 Related Work
3 Problem Definition
4 Proposed Method
4.1 Joint Distribution Factorization
4.2 Neural Network Architecture
4.3 IP Address and Port Number Modeling
4.4 Baselines
4.5 Evaluation Metrics
5 Experimental Results
5.1 Understanding STAN Using Simulated Data
5.2 Real Network Traffic Data
6 Conclusion and Future Work
References
Machine Learning for Fraud Detection in E-Commerce: A Research Agenda
1 Introduction
2 An Operational Model of an Anti-fraud Department
2.1 Entities and Relations in the Operational Model
2.2 Research Topics
3 Investigation Support
3.1 Summary of the Literature
3.2 Open Research Challenges
4 Decision-Making
4.1 Summary of the Literature
4.2 Open Research Challenges
5 Selection Bias in Labels
5.1 Summary of the Literature
5.2 Open Research Challenges
6 Concept Drift
6.1 Summary of the Literature
6.2 Open Research Challenges
7 ML-Investigator Interaction
7.1 Summary of the Literature
7.2 Open Research Challenges
8 Model Deployment and Monitoring
8.1 Summary of the Literature
8.2 Open Research Challenges
9 Conclusion
References
Few-Sample Named Entity Recognition for Security Vulnerability Reports by Fine-Tuning Pre-trained Language Models
1 Introduction
2 Problem Definition and Challenges
2.1 Few-Sample Named Entity Recognition
2.2 Named Entity Recognition for Vulnerability Reports
2.3 Data-Specific Challenges
3 Few-Sample NER for Vulnerability Reports
3.1 Fine-Tuning Pre-trained Language Models with Hundreds of Training Labels
3.2 Few-Shot Named Entity Recognition
4 Experiments
4.1 Datasets
4.2 Evaluation Metrics
4.3 Experimental Setup
4.4 Experimental Results: Fine-Tuning on the memc Category
4.5 Experimental Results: Transfer Learning on the Other 12 Categories
5 Related Work
5.1 Information Extraction in Public Vulnerability Database
5.2 Named Entity Recognition for Computer Security
5.3 Few-Sample Named Entity Recognition
6 Conclusions and Future Work
A Dataset Statistics
References
Malware Attack and Defense
DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection Based on Image Representation of Bytecode
1 Introduction
2 Approach
2.1 Image Representation of Android Apps
2.2 Deep Learning Architecture
3 Study Design
3.1 Research Questions
3.2 Dataset
3.3 Empirical Setup
4 Study Results
4.1 RQ1: How Effective is DexRay in the Detection of Android Malware?
4.2 RQ2: How Effective is DexRay in Detecting New Android Malware?
4.3 RQ3: What is the Impact of Image-Resizing on the Performance of DexRay?
4.4 RQ4: How Does App Obfuscation Affect the Performance of DexRay?
5 Discussion
5.1 Simple But Effective
5.2 The Next Frontier in Malware Detection?
5.3 Explainability and Location Concerns
5.4 Threats to Validity
6 Related Work
6.1 Machine Learning-Based Android Malware Detection
6.2 Deep Learning-Based Android Malware Detection
6.3 Image-Based Malware Detection
7 Conclusion
References
Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability
1 Introduction
2 Background and Related Work
2.1 Malware Visualization
2.2 Traditional Malware Camouflage
2.3 Adversarial Machine Learning
2.4 SoK of Existing Literatures
3 Robust Adversarial Example Attack Against Visualization-Based Malware Detection
3.1 Mask Generator
3.2 AE Generator
3.3 NOP Generator
3.4 AE Optimizer
4 Evaluation
4.1 Experiment Setup
4.2 Results
5 Discussion
5.1 Limitations
5.2 Future Work
6 Conclusion
References
A Survey on Common Threats in npm and PyPi Registries
1 Introduction
2 Background
2.1 Dependencies and Dependency Trees
2.2 Package Manager
2.3 Software Supply-Chain Attacks
2.4 Typosquatting and Combosquatting
2.5 Machine Learning
3 Motivation
4 General Overview of Vulnerabilities in npm and PyPi
4.1 Direct, Indirect Dependencies, and Heavy Code Reuse
4.2 Technical Lag
4.3 Squatting Attacks
4.4 Maintainers and Collaborators
4.5 Trivial Packages or Micropackages
4.6 PyPi Overview
4.7 Noteworthy Incidents
5 Discussion
5.1 Suggested Countermeasures
5.2 Future Direction
6 Conclusion
References
Author Index
Organization
Contents
Machine Learning for Security
STAN: Synthetic Network Traffic Generation with Generative Neural Models
1 Introduction
2 Related Work
3 Problem Definition
4 Proposed Method
4.1 Joint Distribution Factorization
4.2 Neural Network Architecture
4.3 IP Address and Port Number Modeling
4.4 Baselines
4.5 Evaluation Metrics
5 Experimental Results
5.1 Understanding STAN Using Simulated Data
5.2 Real Network Traffic Data
6 Conclusion and Future Work
References
Machine Learning for Fraud Detection in E-Commerce: A Research Agenda
1 Introduction
2 An Operational Model of an Anti-fraud Department
2.1 Entities and Relations in the Operational Model
2.2 Research Topics
3 Investigation Support
3.1 Summary of the Literature
3.2 Open Research Challenges
4 Decision-Making
4.1 Summary of the Literature
4.2 Open Research Challenges
5 Selection Bias in Labels
5.1 Summary of the Literature
5.2 Open Research Challenges
6 Concept Drift
6.1 Summary of the Literature
6.2 Open Research Challenges
7 ML-Investigator Interaction
7.1 Summary of the Literature
7.2 Open Research Challenges
8 Model Deployment and Monitoring
8.1 Summary of the Literature
8.2 Open Research Challenges
9 Conclusion
References
Few-Sample Named Entity Recognition for Security Vulnerability Reports by Fine-Tuning Pre-trained Language Models
1 Introduction
2 Problem Definition and Challenges
2.1 Few-Sample Named Entity Recognition
2.2 Named Entity Recognition for Vulnerability Reports
2.3 Data-Specific Challenges
3 Few-Sample NER for Vulnerability Reports
3.1 Fine-Tuning Pre-trained Language Models with Hundreds of Training Labels
3.2 Few-Shot Named Entity Recognition
4 Experiments
4.1 Datasets
4.2 Evaluation Metrics
4.3 Experimental Setup
4.4 Experimental Results: Fine-Tuning on the memc Category
4.5 Experimental Results: Transfer Learning on the Other 12 Categories
5 Related Work
5.1 Information Extraction in Public Vulnerability Database
5.2 Named Entity Recognition for Computer Security
5.3 Few-Sample Named Entity Recognition
6 Conclusions and Future Work
A Dataset Statistics
References
Malware Attack and Defense
DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection Based on Image Representation of Bytecode
1 Introduction
2 Approach
2.1 Image Representation of Android Apps
2.2 Deep Learning Architecture
3 Study Design
3.1 Research Questions
3.2 Dataset
3.3 Empirical Setup
4 Study Results
4.1 RQ1: How Effective is DexRay in the Detection of Android Malware?
4.2 RQ2: How Effective is DexRay in Detecting New Android Malware?
4.3 RQ3: What is the Impact of Image-Resizing on the Performance of DexRay?
4.4 RQ4: How Does App Obfuscation Affect the Performance of DexRay?
5 Discussion
5.1 Simple But Effective
5.2 The Next Frontier in Malware Detection?
5.3 Explainability and Location Concerns
5.4 Threats to Validity
6 Related Work
6.1 Machine Learning-Based Android Malware Detection
6.2 Deep Learning-Based Android Malware Detection
6.3 Image-Based Malware Detection
7 Conclusion
References
Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability
1 Introduction
2 Background and Related Work
2.1 Malware Visualization
2.2 Traditional Malware Camouflage
2.3 Adversarial Machine Learning
2.4 SoK of Existing Literatures
3 Robust Adversarial Example Attack Against Visualization-Based Malware Detection
3.1 Mask Generator
3.2 AE Generator
3.3 NOP Generator
3.4 AE Optimizer
4 Evaluation
4.1 Experiment Setup
4.2 Results
5 Discussion
5.1 Limitations
5.2 Future Work
6 Conclusion
References
A Survey on Common Threats in npm and PyPi Registries
1 Introduction
2 Background
2.1 Dependencies and Dependency Trees
2.2 Package Manager
2.3 Software Supply-Chain Attacks
2.4 Typosquatting and Combosquatting
2.5 Machine Learning
3 Motivation
4 General Overview of Vulnerabilities in npm and PyPi
4.1 Direct, Indirect Dependencies, and Heavy Code Reuse
4.2 Technical Lag
4.3 Squatting Attacks
4.4 Maintainers and Collaborators
4.5 Trivial Packages or Micropackages
4.6 PyPi Overview
4.7 Noteworthy Incidents
5 Discussion
5.1 Suggested Countermeasures
5.2 Future Direction
6 Conclusion
References
Author Index
