assessing the feasibility of machine learning to detect
play

Assessing the Feasibility of Machine Learning to Detect Network - PowerPoint PPT Presentation

Nov 08, 2022 •227 likes •395 views

Assessing the Feasibility of Machine Learning to Detect Network Covert Channels Name: Diogo Barradas PhD Stage: Planner Advisors: Prof. Lus Rodrigues & Prof. Nuno Santos Research Area: Privacy-Enhancing Technologies Diogo Barradas - EuroSys

  1. Assessing the Feasibility of Machine Learning to Detect Network Covert Channels Name: Diogo Barradas PhD Stage: Planner Advisors: Prof. Luís Rodrigues & Prof. Nuno Santos Research Area: Privacy-Enhancing Technologies Diogo Barradas - EuroSys Doctoral Workshop 2018

  2. What’s All This About? What’s the Problem? ● Current unobservability assessments of covert channels are flawed ○ 2 Diogo Barradas - EuroSys Doctoral Workshop 2018

  3. What’s All This About? What’s the Problem? ● Current unobservability assessments of covert channels are flawed ○ Why Should We Care? ● Inaccurate unobservability assessments can place human lives in jeopardy ○ 3 Diogo Barradas - EuroSys Doctoral Workshop 2018

  4. What’s All This About? What’s the Problem? ● Current unobservability assessments of covert channels are flawed ○ Why Should We Care? ● Inaccurate unobservability assessments can place human lives in jeopardy ○ What Are You Going To Do About It? ● Develop a robust framework for the unobservability assessment of covert channels ○ 4 Diogo Barradas - EuroSys Doctoral Workshop 2018

  5. What’s All This About? What’s the Problem? ● Current unobservability assessments of covert channels are flawed ○ Why Should We Care? ● Inaccurate unobservability assessments can place human lives in jeopardy ○ What Are You Going To Do About It? ● Develop a robust framework for the unobservability assessment of covert channels ○ ● Then What? Foster the design of new tools to circumvent repressive network control ○ 5 Diogo Barradas - EuroSys Doctoral Workshop 2018

  6. Multiple Tools Generate Covert Channels in the Internet Recent approaches tunnel data through encrypted protocols ● e.g. Skype ○ 6 Diogo Barradas - EuroSys Doctoral Workshop 2018

  7. Covert Channels through Multimedia Protocol Tunneling Facet DeltaShaper Unidirectional (A/V) Bidirectional (V) Video Transmission Arbitrary Data Transmission 7 7 Diogo Barradas - EuroSys Doctoral Workshop 2018

  8. Adversaries can Learn from Encrypted Traffic Traffic analysis can detect unusual patterns in (encrypted) network flows ● Covert data must be carefully modulated to evade detection ● Security => Unobservability ○ Encrypted Traffic Analysis 8 Diogo Barradas - EuroSys Doctoral Workshop 2018

  9. Existing Unobservability Claims are Questionable Ad hoc covert channel evaluation ● Similarity-based classifiers only ○ ○ Unobservability measured against independently built classifiers Lack of theoretical reasoning in covert channel design ● Covert data embedding is guided through black-box experimentation ○ 9 Diogo Barradas - EuroSys Doctoral Workshop 2018

  10. Research Questions Are state-of-the-art covert channels observable? ● Can we better assess the unobservability of current tools? ● Can we accurately characterize covert data carrier protocols? ● Is it possible to provide theoretical bounds to unobservability? ● 10 Diogo Barradas - EuroSys Doctoral Workshop 2018

  11. Research Questions Are state-of-the-art covert channels observable? ● Can we better assess the unobservability of current tools? ● Can we accurately characterize covert data carrier protocols? ● Is it possible to provide theoretical bounds to unobservability? ● 11 Diogo Barradas - EuroSys Doctoral Workshop 2018

  12. Similarity-Based Detection Unobservability claims are dependent on the classifier ● Similarity-based classifiers cannot accurately detect covert traffic ● ROC AUC: ○ System / Classifier Chi-Square Earth Mover’s Distance Facet 0.83 0.58 DeltaShaper 0.74 0.57 Diogo Barradas - EuroSys Doctoral Workshop 2018

  13. Similarity-Based Detection Unobservability claims are dependent on the classifier ● Similarity-based classifiers cannot accurately detect covert traffic ● ROC AUC: ○ System / Classifier Chi-Square Earth Mover’s Distance Facet 0.83 0.58 DeltaShaper 0.74 0.57 Diogo Barradas - EuroSys Doctoral Workshop 2018

  14. Decision Tree-Based Detection Largely undermine previous unobservability claims ● ○ Facet: ROC AUC = 0.99 (vs 0.83) DeltaShaper: ROC AUC = 0.95 (vs 0.74) ○ Provide us insight on useful features for identifying covert channels ● Diogo Barradas - EuroSys Doctoral Workshop 2018

  15. Takeaways Ensuring unobservability is desirable for covert channels ● Past unobservability assessments are flawed ● Goal: build a rigorous framework for the assessment of unobservability ● Thank You! https://web.ist.utl.pt/diogo.barradas 15 Diogo Barradas - EuroSys Doctoral Workshop 2018

Recommend

Fairness and bias in Machine Learning A quick review on tools to detect biases in machine

Fairness and bias in Machine Learning A quick review on tools to detect biases in machine

QCon 2019 Fairness and bias in Machine Learning A quick review on tools to detect biases in machine learning model Thierry Silbermann, Tech Lead Data Science at Nubank thierry.silbermann@nubank.com.br Data collection Todays

870 views • 45 slides
Learning to Detect Faces A Large-Scale Application of Machine Learning ( This m aterial is not in

Learning to Detect Faces A Large-Scale Application of Machine Learning ( This m aterial is not in

Learning to Detect Faces A Large-Scale Application of Machine Learning ( This m aterial is not in the text: for further inform ation see the paper by P. Viola and M. Jones, I nternational Journal of Com puter Vision, 2 0 0 4 Viola-Jones Face

419 views • 26 slides
TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT ATTACKS IN THE INTERNET

TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT ATTACKS IN THE INTERNET

The 15th International Conference on Availability, Reliability and Security (ARES 2020) August 25 to August 28, 2020 in Dublin, Ireland ID-86 workshop paper (IoT-SECFOR) TAXONOMY AND CHALLENGES IN MACHINE LEARNING-BASED APPROACHES TO DETECT

583 views • 13 slides
Learning Theory CE-717: Machine Learning Sharif University of Technology M. Soleymani Fall 2016

Learning Theory CE-717: Machine Learning Sharif University of Technology M. Soleymani Fall 2016

Learning Theory CE-717: Machine Learning Sharif University of Technology M. Soleymani Fall 2016 Topics Feasibility of learning PAC learning VC dimension Structural Risk Minimization (SRM) 2 Feasibility of learning Does the

673 views • 66 slides
Predicting the past: A machine learning approach to detect innovative firms in times of crisis

Predicting the past: A machine learning approach to detect innovative firms in times of crisis

City REDI - University of Birmingham Introduction Data and Methodology Results Conclusion Predicting the past: A machine learning approach to detect innovative firms in times of crisis Marco Guerzoni, 1,4 Massimiliano Nuccio 2,1 , Consuelo

1.21k views • 32 slides
WIKIGENDER: A MACHINE LEARNING MODEL TO DETECT GENDER BIAS IN WIKIPEDIA Natalie Boln, Natlia

WIKIGENDER: A MACHINE LEARNING MODEL TO DETECT GENDER BIAS IN WIKIPEDIA Natalie Boln, Natlia

WIKIGENDER: A MACHINE LEARNING MODEL TO DETECT GENDER BIAS IN WIKIPEDIA Natalie Boln, Natlia Gulln, Sofia Kypraiou, Irene Petlacalco WIKIGENDER: METHODOLOGY Dataset Overviews from Wikipedia biographies: only 17% of them refer to women

455 views • 3 slides
Feasibility study on machine learning algorithm in nuclear reactor core diagnosis Hanjoo Kim a ,

Feasibility study on machine learning algorithm in nuclear reactor core diagnosis Hanjoo Kim a ,

Transactions of the Korean Nuclear Society Virtual Spring Meeting July 9-10, 2020 Feasibility study on machine learning algorithm in nuclear reactor core diagnosis Hanjoo Kim a , Dongmin Yun a , Ho Cheol Shin b , Sang Rae Moon b , Deokjung Lee a*

542 views • 4 slides
Learning to Detect Phishing Emails Ian Fette Norman Sadeh Anthony Tomasic (School of CS, CMU)

Learning to Detect Phishing Emails Ian Fette Norman Sadeh Anthony Tomasic (School of CS, CMU)

Learning to Detect Phishing Emails Ian Fette Norman Sadeh Anthony Tomasic (School of CS, CMU) Presented by: Ashique Mahmood Dept of Computer & Information Sciences University of Delaware CI SC 879 - Machine Learning for Solving Systems

1.22k views • 22 slides
Assessing the Feasibility and Appropriateness of Community- based TB/HIV Counseling and Testing

Assessing the Feasibility and Appropriateness of Community- based TB/HIV Counseling and Testing

Assessing the Feasibility and Appropriateness of Community- based TB/HIV Counseling and Testing in the Philippines: an implementation research TYRONE REDEN L. SY Ilmu Kesehatan Masyarakat Faculty of Medicine, Universitas Gadjah Mada

555 views • 23 slides
(Machine) Learning To Detect Fraudsters Hany Elemary Sarah LeBlanc CREDIT CARD FRAUD

(Machine) Learning To Detect Fraudsters Hany Elemary Sarah LeBlanc CREDIT CARD FRAUD

(Machine) Learning To Detect Fraudsters Hany Elemary Sarah LeBlanc CREDIT CARD FRAUD TRANSACTION APPLICATION CARD NOT FOUND 2 FRAUD DETECTION MODEL PLOT Not Fraud Fraud Application Count False Negatives False Positives 0 0.2 0.4

357 views • 24 slides
An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning http://www.cs.iastate.edu/~cs573x/bbsilab.html Machine Learning Software Preparing Data Building Classifiers Interpreting Results Machine Learning Software

496 views • 26 slides
Assessing the Feasibility of an ESOP Presented by: Alexander L. Mounts Krieg DeVault LLP One

Assessing the Feasibility of an ESOP Presented by: Alexander L. Mounts Krieg DeVault LLP One

ESOP Nuts and Bolts: What You Need to Know About Employee Stock Ownership Plans Indianapolis, IN August 16, 2018 Assessing the Feasibility of an ESOP Presented by: Alexander L. Mounts Krieg DeVault LLP One Indiana Square, Suite 2800

484 views • 19 slides
Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by which computers can be trained through observation, rather than being explicitly programmed. Basically, a program is given input and adjusts its

556 views • 17 slides
Assessing EARS Ability to Locally Detect the 2009 H1N1 Pandemic Ron Fricker, Katie Hagen,

Assessing EARS Ability to Locally Detect the 2009 H1N1 Pandemic Ron Fricker, Katie Hagen,

Assessing EARS Ability to Locally Detect the 2009 H1N1 Pandemic Ron Fricker, Katie Hagen, Krista Hanni, Susan Barnes, and Kristy Michie 13th Biennial CDC Symposium on Statistical Methods May 25, 2011 Research Questions How well can the

628 views • 23 slides
Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning 10-601 Tom M. Mitchell Machine Learning Department Carnegie Mellon University January 12, 2015 Today: Readings: What is machine learning? The Discipline of ML Decision tree learning Mitchell, Chapter 3

872 views • 29 slides
Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning

Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning

GCT634/AI613: Musical Applications of Machine Learning (Fall 2020) Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning Pipeline in Classification Tasks A set of hand-designed audio features are selected

398 views • 26 slides
Assessing Student Learning in Assessing Student Learning in the School Library Media Center

Assessing Student Learning in Assessing Student Learning in the School Library Media Center

Assessing Student Learning in Assessing Student Learning in the School Library Media Center January 10, 2009 ECU Librarian to Librarian Networking Summit Cathy DuPre Media Coordinator Oaklawn Language Academy, Charlotte, NC From the experts

219 views • 20 slides
Assessing EARS Ability to Locally Detect the 2009 H1N1 Pandemic Ron Fricker, Katie Hagen,

Assessing EARS Ability to Locally Detect the 2009 H1N1 Pandemic Ron Fricker, Katie Hagen,

Assessing EARS Ability to Locally Detect the 2009 H1N1 Pandemic Ron Fricker, Katie Hagen, Krista Hanni, Susan Barnes, and Kristy Michie January 9, 2011 Early Aberration Reporting System EARS designed as a drop-in surveillance system

293 views • 18 slides
CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine

CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine

1/22/19 CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine Learning? A Simple Task: Recognize Obama How do you program a computer to Recognize faces? Recommend movies? Decide which web

581 views • 5 slides
Machine Learning Machine Learning: algorithms that use experience to improve their

Machine Learning Machine Learning: algorithms that use experience to improve their

Machine Learning Machine Learning: algorithms that use experience to improve their performance We use machine learning in situations where it is very challenging (or impossible) to define the rules by hand: e.g. face detection

1.04k views • 28 slides
Solving Problems in Interpretation with Machine Learning Deborah K. Sacrey Auburn Energy

Solving Problems in Interpretation with Machine Learning Deborah K. Sacrey Auburn Energy

Solving Problems in Interpretation with Machine Learning Deborah K. Sacrey Auburn Energy Weimar, Texas Case Histories Presenting Solutions Detect thin beds See fracture trends Identify faults Estimate reservoirs from geobodies

801 views • 67 slides
Introduction to Machine Learning COMPSCI 371D Machine Learning COMPSCI 371D Machine

Introduction to Machine Learning COMPSCI 371D Machine Learning COMPSCI 371D Machine

Introduction to Machine Learning COMPSCI 371D Machine Learning COMPSCI 371D Machine Learning Introduction to Machine Learning 1 / 12 Outline 1 Nearest Neighbor Prediction 2 Complexity Considerations 3 The Voronoi Diagram 4 Overfitting

564 views • 12 slides
1 Why Study Machine Learning? Why Study Machine Learning? Cognitive Science The Time is Ripe

1 Why Study Machine Learning? Why Study Machine Learning? Cognitive Science The Time is Ripe

What is Learning? Herbert Simon: Learning is any process by which a system improves performance from CS 391L: Machine Learning experience. Introduction What is the task? Classification Problem solving / planning /

603 views • 6 slides
MACHINE LEARNING, STATISTICAL LEARNING AND PARALLEL COMPUTING INTRODUCTION VS MACHINE LEARNING

MACHINE LEARNING, STATISTICAL LEARNING AND PARALLEL COMPUTING INTRODUCTION VS MACHINE LEARNING

JACOPO DI IORIO, MATTEO FONTANA, DANIELE OCCHIUTO, CLAUDIA VOLPETTI MACHINE LEARNING, STATISTICAL LEARNING AND PARALLEL COMPUTING INTRODUCTION VS MACHINE LEARNING STATISTICAL LEARNING Separate evolutions, but with shared methodologies MERGE

565 views • 55 slides

More recommend