Tag: machine learning
-
New paper: Distinguishing between malicious app collusion and benign app collaboration: a machine-learning approach
Yesterday, we published a paper (that was presented at VB2016) on Android app collusions: the situation in which two or more apps work together to exfiltrate data from a device using the combined permissions of each app. Today, we publish a follow-up paper by the same (in fact, slightly larger) group of researchers, affiliated…
-
VB2017 preview: Stuck between a ROC and a hard place
Authors of security software in general, and anti-virus software in particular, have always needed to find the right balance between a high detection rate and a low false positive rate – something that has become even more important with advances in machine-learning detection technologies. Making the model too strict will result in false positives, while making…
-
Research paper shows it may be possible to distinguish malware traffic using TLS
Researchers at Cisco have published a paper (PDF) describing how it may be possible to use machine learning to distinguish malware command-and-control (C&C) traffic using TLS from regular enterprise traffic, and to classify malware families based on their encrypted C&C traffic. The need for malware to communicate with its operators, so that it…