Malware still constitutes a major threat in the cybersecurity landscape, also due to the
widespread use of infection vectors such as documents. These infection vectors hide …

Initial penetration is one of the first steps of an Advanced Persistent Threat (APT) attack, and
it is considered one of the most significant means of initiating cyber-attacks aimed at …

Recent research efforts on adversarial ML have investigated problem-space attacks,
focusing on the generation of real evasive objects in domains where, unlike images, there is …

Machine learning is widely used to develop classifiers for security tasks. However, the
robustness of these methods against motivated adversaries is uncertain. In this work, we …

Today's systems produce a rapidly exploding amount of data, and the data further derives
more data, forming a complex data propagation network that we call the data's lineage …

We investigate a family of poisoning attacks against Support Vector Machines (SVM). Such
attacks inject specially crafted training data that increases the SVM's test error. Central to the …

Learning-based classifiers are increasingly used for detection of various forms of malicious
data. However, if they are deployed online, an attacker may attempt to evade them by …

Is Android malware classification a solved problem? Published F1 scores of up to 0.99
appear to leave very little room for improvement. In this paper, we argue that results are …

Owed to their versatile functionality and widespread adoption, PDF documents have
become a popular avenue for user exploitation ranging from large-scale phishing attacks to …

Malicious PDF files remain a real threat, in practice, to masses of computer users, even after
several high-profile security incidents. In spite of a series of a security patches issued by …