Abstract
Malware evolves perpetually and relies on increasingly sophisticated attacks to supersede defense strategies. Data-driven approaches to malware detection run the risk of becoming rapidly antiquated. Keeping pace with malware requires models that are periodically enriched with fresh knowledge, commonly known as retraining. In this work, we propose the use of Venn-Abers predictors for assessing the quality of binary classification tasks as a first step towards identifying antiquated models. One of the key benefits behind the use of Venn-Abers predictors is that they are automatically well calibrated and offer probabilistic guidance on the identification of nonstationary populations of malware. Our framework is agnostic to the underlying classification algorithm and can then be used for building better retraining strategies in the presence of concept drift. Results obtained over a timeline-based evaluation with about 90K samples show that our framework can identify when models tend to become obsolete.
Original language | English |
---|---|
Title of host publication | ACM Workshop on Artificial Intelligence and Security |
Place of Publication | Vienna, Austria |
Publisher | ACM |
Pages | 71-82 |
Number of pages | 12 |
ISBN (Print) | 978-1-4503-4573-6 |
Publication status | Published - 28 Oct 2016 |
Projects
- 3 Finished
- MobSec: Malware and Security in the Mobile Age
  Cavallaro, L. (PI) & Kinder, J. (CoI)
  Eng & Phys Sci Res Council EPSRC
  10/11/14 → 4/05/19
  Project: Research
- Mining the Network Behaviour of Bots
  Cavallaro, L. (PI), Gammerman, A. (CoI), Vovk, V. (CoI), Shanahan, H. (CoI) & Luo, Z. (CoI)
  Eng & Phys Sci Res Council EPSRC
  16/06/13 → 17/04/17
  Project: Research
- Centre for Doctoral Training in Cyber Security
  Cid, C. (PI), Crampton, J. (CoI), Martin, K. M. (CoI) & Paterson, K. (CoI)
  Eng & Phys Sci Res Council EPSRC
  1/04/13 → 31/12/19
  Project: Research