Collaborate Disseminate
Microsoft is training a machine-learning system to find software bugs: At Microsoft, 47,000 developers generate nearly 30 thousand bugs a month. These items get stored across over 100 AzureDevOps and GitHub repositories. To better label and prioritize bugs at that scale, we couldn’t just apply more people to the problem. However, large volumes of semi-curated data are perfect for machine… Continue reading Vulnerability Finding Using Machine Learning
Google presented its system of using deep-learning techniques to identify malicious email attachments: At the RSA security conference in San Francisco on Tuesday, Google’s security and anti-abuse research lead Elie Bursztein will present findings on how the new deep-learning scanner for documents is faring against the 300 billion attachments it has to process each week. It’s challenging to tell the… Continue reading Deep Learning to Find Malicious Email Attachments
Google presented its system of using deep-learning techniques to identify malicious email attachments: At the RSA security conference in San Francisco on Tuesday, Google’s security and anti-abuse research lead Elie Bursztein will present findings on ho… Continue reading Deep Learning to Find Malicious Email Attachments
Interesting taxonomy of machine-learning failures (pdf) that encompasses both mistakes and attacks, or — in their words — intentional and unintentional failure modes. It’s a good basis for threat modeling…. Continue reading Failure Modes in Machine Learning
Interesting research: "TrojDRL: Trojan Attacks on Deep Reinforcement Learning Agents": Abstract:: Recent work has identified that classification models implemented as neural networks are vulnerable to data-poisoning and Trojan attacks at training time. In this work, we show that these training-time vulnerabilities extend to deep reinforcement learning (DRL) agents and can be exploited by an adversary with access to the training… Continue reading Manipulating Machine Learning Systems by Manipulating Training Data
This is interesting research: In a BGP hijack, a malicious actor convinces nearby networks that the best path to reach a specific IP address is through their network. That’s unfortunately not very hard to do, since BGP itself doesn’t have any security procedures for validating that a message is actually coming from the place it says it’s coming from. […]… Continue reading Using Machine Learning to Detect IP Hijacking
This is interesting research: In a BGP hijack, a malicious actor convinces nearby networks that the best path to reach a specific IP address is through their network. That’s unfortunately not very hard to do, since BGP itself doesn’t have any security … Continue reading Using Machine Learning to Detect IP Hijacking
According to foreign policy experts and the defense establishment, the United States is caught in an artificial intelligence arms race with China — one with serious implications for national security. The conventional version of this story suggests that the United States is at a disadvantage because of self-imposed restraints on the collection of data and the privacy of its citizens,… Continue reading Data, Surveillance, and the AI Arms Race
According to foreign policy experts and the defense establishment, the United States is caught in an artificial intelligence arms race with China — one with serious implications for national security. The conventional version of this story suggests th… Continue reading Data, Surveillance, and the AI Arms Race
It used to be that surveillance cameras were passive. Maybe they just recorded, and no one looked at the video unless they needed to. Maybe a bored guard watched a dozen different screens, scanning for something interesting. In either case, the video w… Continue reading Computers and Video Surveillance