This DokuWiki uses a theme created by Anymorphic Webdesign.

Differences

This shows the differences between two versions of the page.

racfor_wiki:primjene_strojnog_ucenja_u_cyber_sigurnosti [2021/01/17 13:33]
mpuhalovic [Breaking Human Interaction Proofs (HIPs)]
racfor_wiki:primjene_strojnog_ucenja_u_cyber_sigurnosti [2024/12/05 12:24] (current)
Redak 173: Redak 173:
 {{:racfor_wiki:captcha_segmentation.png?400|}} {{:racfor_wiki:captcha_segmentation.png?400|}}
  
-The first 3 segmented images from the previous example, which are fed to the neural network, are shown in Image x.+The first 3 segmented images from the previous example, which are fed to the neural network, are shown in Image 3.
  
 Image 3 [5]: Image 3 [5]:
Redak 179: Redak 179:
 {{:racfor_wiki:captcha_segmented.png?400|}} {{:racfor_wiki:captcha_segmented.png?400|}}
  
-Six experiments were conducted with EZ-Gimpy/Yahoo, Yahoo v2, mailblocks, register, ticketmaster, and Google HIPs. The segmentation success rates and recognition success rates of each experiment are shown in Table x.+Six experiments were conducted with EZ-Gimpy/Yahoo, Yahoo v2, mailblocks, register, ticketmaster, and Google HIPs. The segmentation success rates and recognition success rates of each experiment are shown in Table 6.
  
-Table 1:+Table 6 [5]:
 |  \\ HIP   \\ |  \\ Segmentation success rate   \\ |  \\ Recognition success rate (after segmentation)   \\ |  \\ Total   \\ | |  \\ HIP   \\ |  \\ Segmentation success rate   \\ |  \\ Recognition success rate (after segmentation)   \\ |  \\ Total   \\ |
 |  \\ Mailblocks \\ |  \\  88.8 %  \\ |  \\ 95.9 %  \\ | \\ 66.2 %  \\ | |  \\ Mailblocks \\ |  \\  88.8 %  \\ |  \\ 95.9 %  \\ | \\ 66.2 %  \\ |
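Review bot: The "Total" column of Table 6 is not explained, and the visible Mailblocks row does not reconcile with the other two columns: 88.8 % segmentation times 95.9 % recognition is about 85 %, not 66.2 %. Add a sentence to the paragraph above the table stating how Total is computed, for example whether the recognition rate is per character while Total is per complete HIP. The renumbering from "Table 1:" to "Table 6 [5]:" matches the corrected reference in the sentence above it.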
Redak 200: Redak 200:
   * Attacks on availability - cause so many classification errors that the system becomes effectively unusable    * Attacks on availability - cause so many classification errors that the system becomes effectively unusable 
   * Exploratory attacks - exploiting the existing vulnerabilities   * Exploratory attacks - exploiting the existing vulnerabilities
-  * Targeted attacks directed to a certain input +  * Targeted attacks directed to a certain input 
-  * Indiscriminate attacks - in which inputs fail+  * Indiscriminate attacks - causes all inputs to fail
- +
-The researchers [] proposed the Reject On Negative Impact (RONI) defense which ignores all the training data points that have a substantial negative impact on the classification accuracy. +
-RONI defense system consists of two classifiers. One classifier is trained using the base training set and the other is trained with the base set and potentially malicious data. If the errors of those two classifiers differ significantly from each other the data is labeled as malicious. +
-RONI defense defends against exploratory and causative attacks. For defending against exploratory attacks, in which an attacker can create an evaluation distribution that the learner predicts poorly, the defender can limit the access to the training procedure and data, making it harder for an attacker to apply reverse engineering. For defending against the causative attacks, in which an attacker can manipulate both training and evaluation distributions, the defender can employ previously described defense using two classifiers.+
  
 +The researchers [10] proposed a defense against exploratory and causative attacks. 
 +For defending against exploratory attacks, in which an attacker can create an evaluation distribution that the learner predicts poorly, the defender can limit the access to the training procedure and data, making it harder for an attacker to apply reverse engineering.
 +For defending against the causative attacks, in which an attacker can manipulate both training and evaluation distributions, the defender can employ Reject On Negative Impact (RONI) defense. RONI defense ignores all the training data points that have a substantial negative impact on classification accuracy. RONI defense consists of two classifiers. One classifier is trained using the base training set and the other is trained with the base set and potentially malicious data. If the errors of those two classifiers differ significantly from each other the data is labeled as malicious.
  
 ===== Conclusion ===== ===== Conclusion =====
  
-Machine learning is a powerful and adaptive tool that enabled tackling problems that so far required humans. It also enabled the automation of threat recognition tasks.+Machine learning is a powerful and adaptive tool that enabled tackling problems that so far required humans. It also enabled the automation of threat recognition tasks. In this paper, multiple applications of machine learning in cybersecurity were shown. Most of the problems were solved using supervised learning and classification since their required classifying input into safe or malicious categories. For classification tasks, researchers tested multiple classifiers, each with its own pros and cons, and they chose what they considered the best ones for the task at hand.
  
  
-===== Literatura =====+===== Literature =====
  
-[1] [[https://www.researchgate.net/publication/283083699_Applications_of_Machine_Learning_in_Cyber_Security|Ford, V., and Siraj A. Applications of Machine Learning in Cyber Security. Computer Science Department, Tennessee Tech University, 2014., accessed on January 2020.]]+[1] [[https://www.researchgate.net/publication/283083699_Applications_of_Machine_Learning_in_Cyber_Security|Ford, V., and SirajA. Applications of Machine Learning in Cyber Security. Computer Science Department, Tennessee Tech University, 2014. Accessed in January 2021.]]
  
-[2] [[https://www.nccgroup.trust/globalassets/our-research/uk/whitepapers/2017/rise-of-the-machines-preliminaries-wp-new-template-final_web.pdf|Matt Lewis. Rise of the machines: Machine Learning & its cyber security applications. NCC Group, 2017., accessed on January 2020.]]+[2] [[https://www.nccgroup.trust/globalassets/our-research/uk/whitepapers/2017/rise-of-the-machines-preliminaries-wp-new-template-final_web.pdf|Matt Lewis. Rise of the machines: Machine Learning & its cyber security applications. NCC Group, 2017. Accessed in January 2021.]]
  
-[3] [[https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=633583|Spring, J., Fallon, J., Galyardt, A., Horneman, A., Metcalf, L. B., and Stoner, E. Machine Learning in Cybersecurity: A Guide. Software Engineering Institute, 2019., accessed on January 2020.]]+[3] [[https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=633583|Spring, J., Fallon, J., Galyardt, A., Horneman, A., Metcalf, L. B., and Stoner, E. Machine Learning in Cybersecurity: A Guide. Software Engineering Institute, 2019. Accessed in January 2021.]]
  
 +[4] [[https://arxiv.org/abs/1906.05799|Nguyen, T. T. and Reddi, V. J. Deep Reinforcement Learning for Cyber Security. 2020. Accessed in January 2021.]]
  
-[4] https://arxiv.org/abs/1906.05799+[5[[https://papers.nips.cc/paper/2004/file/283085d30e10513624c8cece7993f4de-Paper.pdf|Chellapilla, K. and Simard, P. Y. Using Machine Learning to Break Visual Human Interaction Proofs (HIPs). Microsoft Research. Accessed in January 2021.]]
  
-[5] https://papers.nips.cc/paper/2004/file/283085d30e10513624c8cece7993f4de-Paper.pdf+[6[[https://eprints.whiterose.ac.uk/128366/1/MalwareAnalysis.pdf|Milošević, N., Dehghantanha, A. and Choo, K.-K.R. Machine learning aided malware classification of Android applications. 2017. Accessed in January 2021.]]
  
-[6]https://eprints.whiterose.ac.uk/128366/1/MalwareAnalysis.pdf+[7][[https://www.researchgate.net/publication/216864662_A_machine_learning_approach_to_keystroke_dynamics_based_user_authentication|Revett, K., Gorunescu, F., Gorunescu, M. and Ene, M. A machine learning approach to keystroke dynamics based user authentication. International Journal of Electronic Security and Digital Forensics. 2007. Accessed in January 2021.]]
  
-[7] https://www.researchgate.net/publication/216864662_A_machine_learning_approach_to_keystroke_dynamics_based_user_authentication+[8][[https://www.usenix.org/legacy/events/sec08/tech/full_papers/gu/gu_html/index.html|Gu, G., Perdisci, R., Zhang, J., and Lee, W. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection. College of Computing, Georgia Institute of Technology. Accessed in January 2021.]]
  
-[8https://www.usenix.org/legacy/events/sec08/tech/full_papers/gu/gu_html/index.html+[9][[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.114.1242&rep=rep1&type=pdf|Abu-Nimeh, S., Nappa, D., Wang, X. and Nair, S. A Comparison of Machine Learning Techniques for Phishing Detection. SMU HACNet Lab, Southern Methodist University. 2007. Accessed in January 2021.]]
  
-[9http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.114.1242&rep=rep1&type=pdf+[10][[https://people.eecs.berkeley.edu/~adj/publications/paper-files/SecML-MLJ2010.pdf|Barreno, M., Nelson, BJoseph, AD., Tygar, J.D. The security of machine learning. Computer Science Division, University of California, Berkeley. 2008. Accessed in January 2021.]]
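Review bot: The rewritten RONI paragraph says the errors of the two classifiers are compared, but not on which data the error is measured or what threshold makes them "differ significantly"; name the evaluation set and the threshold, or point to the part of [10] that defines them, so the defense can be reproduced from this text. The same paragraph opens with "proposed a defense against exploratory and causative attacks" and then describes two separate measures (restricting access, and RONI), so "defenses" would be more accurate. In the bullet list, "Indiscriminate attacks - causes all inputs to fail" has a subject-verb mismatch, and "Targeted attacks directed to a certain input" lacks the " - " separator the other bullets use. In the Conclusion, "since their required classifying" should read "since they required classifying". Reference [10] gives 2008 while the linked file is named SecML-MLJ2010.pdf; please confirm the year.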
  
racfor_wiki/primjene_strojnog_ucenja_u_cyber_sigurnosti.1610890428.txt.gz · Last modified: 2024/12/05 12:23 (external edit)
CC Attribution-Share Alike 4.0 International