CADE: Detecting and explaining concept drift samples for security applications

L Yang, W Guo, Q Hao, A Ciptadi… - 30th USENIX Security …, 2021 - usenix.org
Concept drift poses a critical challenge to deploy machine learning models to solve practical
security problems. Due to the dynamic behavior changes of attackers (and/or the benign …

AIRTAG: Towards Automated Attack Investigation by Unsupervised Learning with Log Texts

H Ding, J Zhai, Y Nan, S Ma - 32nd USENIX Security Symposium …, 2023 - usenix.org
The success of deep learning (DL) techniques has led to their adoption in many fields,
including attack investigation, which aims to recover the whole attack story from logged …

Learning approximate execution semantics from traces for binary function similarity

K Pei, Z Xuan, J Yang, S Jana… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
Detecting semantically similar binary functions–a crucial capability with broad security
usages including vulnerability detection, malware analysis, and forensics–requires …

Xda: Accurate, robust disassembly with transfer learning

K Pei, J Guan, D Williams-King, J Yang… - arXiv preprint arXiv …, 2020 - arxiv.org
Accurate and robust disassembly of stripped binaries is challenging. The root of the difficulty
is that high-level structures, such as instruction and function boundaries, are absent in …

Can a Deep Learning Model for One Architecture Be Used for Others? Retargeted-Architecture Binary Code Analysis

J Wang, M Sharp, C Wu, Q Zeng, L Luo - 32nd USENIX Security …, 2023 - usenix.org
NLP-inspired deep learning for binary code analysis demonstrates notable performance.
Considering the diverse Instruction Set Architectures (ISAs) on the market, it is important to …

AURORA: Statistical crash analysis for automated root cause explanation

T Blazytko, M Schlögel, C Aschermann… - 29th USENIX Security …, 2020 - usenix.org
Given the huge success of automated software testing techniques, a large amount of
crashes is found in practice. Identifying the root cause of a crash is a time-intensive …

APICraft: Fuzz driver generation for closed-source SDK libraries

C Zhang, X Lin, Y Li, Y Xue, J Xie, H Chen… - 30th USENIX Security …, 2021 - usenix.org
Fuzz drivers are needed for fuzzing libraries. A fuzz driver is a program which can execute
library functions by feeding them with inputs provided by the fuzzer. In practice, fuzz drivers …

DeepDi: Learning a relational graph convolutional network model on instructions for fast and accurate disassembly

S Yu, Y Qu, X Hu, H Yin - 31st USENIX Security Symposium (USENIX …, 2022 - usenix.org
Disassembly is the cornerstone of many binary analysis tasks. Traditional disassembly
approaches (e.g., linear and recursive) are not accurate enough, while more sophisticated …

Using deep learning to solve computer security challenges: a survey

YH Choi, P Liu, Z Shang, H Wang, Z Wang, L Zhang… - Cybersecurity, 2020 - Springer
Although using machine learning techniques to solve computer security challenges is not a
new idea, the rapidly emerging Deep Learning technology has recently triggered a …

AI Psychiatry: Forensic Investigation of Deep Learning Networks in Memory Images

D Oygenblik, C Yagemann, J Zhang, A Mastali… - 33rd USENIX Security …, 2024 - usenix.org
Online learning is widely used in production to refine model parameters after initial
deployment. This opens several vectors for covertly launching attacks against deployed …