Keywords:
Machine learning-Congresses.
;
Computer security-Congresses.
;
Electronic books.
Type of Medium:
Online Resource
Pages:
1 online resource (163 pages)
ISBN:
9783030878399
Series Statement:
Communications in Computer and Information Science Ser. ; v.1482
URL:
https://ebookcentral.proquest.com/lib/geomar/detail.action?docID=6734393
DDC:
006.31
Language:
English
Note:
Intro -- Preface -- Organization -- Contents -- Machine Learning for Security -- STAN: Synthetic Network Traffic Generation with Generative Neural Models -- 1 Introduction -- 2 Related Work -- 3 Problem Definition -- 4 Proposed Method -- 4.1 Joint Distribution Factorization -- 4.2 Neural Network Architecture -- 4.3 IP Address and Port Number Modeling -- 4.4 Baselines -- 4.5 Evaluation Metrics -- 5 Experimental Results -- 5.1 Understanding STAN Using Simulated Data -- 5.2 Real Network Traffic Data -- 6 Conclusion and Future Work -- References -- Machine Learning for Fraud Detection in E-Commerce: A Research Agenda -- 1 Introduction -- 2 An Operational Model of an Anti-fraud Department -- 2.1 Entities and Relations in the Operational Model -- 2.2 Research Topics -- 3 Investigation Support -- 3.1 Summary of the Literature -- 3.2 Open Research Challenges -- 4 Decision-Making -- 4.1 Summary of the Literature -- 4.2 Open Research Challenges -- 5 Selection Bias in Labels -- 5.1 Summary of the Literature -- 5.2 Open Research Challenges -- 6 Concept Drift -- 6.1 Summary of the Literature -- 6.2 Open Research Challenges -- 7 ML-Investigator Interaction -- 7.1 Summary of the Literature -- 7.2 Open Research Challenges -- 8 Model Deployment and Monitoring -- 8.1 Summary of the Literature -- 8.2 Open Research Challenges -- 9 Conclusion -- References -- Few-Sample Named Entity Recognition for Security Vulnerability Reports by Fine-Tuning Pre-trained Language Models -- 1 Introduction -- 2 Problem Definition and Challenges -- 2.1 Few-Sample Named Entity Recognition -- 2.2 Named Entity Recognition for Vulnerability Reports -- 2.3 Data-Specific Challenges -- 3 Few-Sample NER for Vulnerability Reports -- 3.1 Fine-Tuning Pre-trained Language Models with Hundreds of Training Labels -- 3.2 Few-Shot Named Entity Recognition -- 4 Experiments -- 4.1 Datasets.
,
4.2 Evaluation Metrics -- 4.3 Experimental Setup -- 4.4 Experimental Results: Fine-Tuning on the memc Category -- 4.5 Experimental Results: Transfer Learning on the Other 12 Categories -- 5 Related Work -- 5.1 Information Extraction in Public Vulnerability Database -- 5.2 Named Entity Recognition for Computer Security -- 5.3 Few-Sample Named Entity Recognition -- 6 Conclusions and Future Work -- A Dataset Statistics -- References -- Malware Attack and Defense -- DexRay: A Simple, yet Effective Deep Learning Approach to Android Malware Detection Based on Image Representation of Bytecode -- 1 Introduction -- 2 Approach -- 2.1 Image Representation of Android Apps -- 2.2 Deep Learning Architecture -- 3 Study Design -- 3.1 Research Questions -- 3.2 Dataset -- 3.3 Empirical Setup -- 4 Study Results -- 4.1 RQ1: How Effective is DexRay in the Detection of Android Malware? -- 4.2 RQ2: How Effective is DexRay in Detecting New Android Malware? -- 4.3 RQ3: What is the Impact of Image-Resizing on the Performance of DexRay? -- 4.4 RQ4: How Does App Obfuscation Affect the Performance of DexRay? -- 5 Discussion -- 5.1 Simple But Effective -- 5.2 The Next Frontier in Malware Detection? -- 5.3 Explainability and Location Concerns -- 5.4 Threats to Validity -- 6 Related Work -- 6.1 Machine Learning-Based Android Malware Detection -- 6.2 Deep Learning-Based Android Malware Detection -- 6.3 Image-Based Malware Detection -- 7 Conclusion -- References -- Attacks on Visualization-Based Malware Detection: Balancing Effectiveness and Executability -- 1 Introduction -- 2 Background and Related Work -- 2.1 Malware Visualization -- 2.2 Traditional Malware Camouflage -- 2.3 Adversarial Machine Learning -- 2.4 SoK of Existing Literatures -- 3 Robust Adversarial Example Attack Against Visualization-Based Malware Detection -- 3.1 Mask Generator -- 3.2 AE Generator.
,
3.3 NOP Generator -- 3.4 AE Optimizer -- 4 Evaluation -- 4.1 Experiment Setup -- 4.2 Results -- 5 Discussion -- 5.1 Limitations -- 5.2 Future Work -- 6 Conclusion -- References -- A Survey on Common Threats in npm and PyPi Registries -- 1 Introduction -- 2 Background -- 2.1 Dependencies and Dependency Trees -- 2.2 Package Manager -- 2.3 Software Supply-Chain Attacks -- 2.4 Typosquatting and Combosquatting -- 2.5 Machine Learning -- 3 Motivation -- 4 General Overview of Vulnerabilities in npm and PyPi -- 4.1 Direct, Indirect Dependencies, and Heavy Code Reuse -- 4.2 Technical Lag -- 4.3 Squatting Attacks -- 4.4 Maintainers and Collaborators -- 4.5 Trivial Packages or Micropackages -- 4.6 PyPi Overview -- 4.7 Noteworthy Incidents -- 5 Discussion -- 5.1 Suggested Countermeasures -- 5.2 Future Direction -- 6 Conclusion -- References -- Author Index.
Permalink