Dos and Don'ts of Machine Learning in Computer Security

by Daniel Arp, et al.

With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas. This development has influenced computer security, spawning a series of work on learning-based security systems, such as for malware detection, vulnerability discovery, and binary code analysis. Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance and render learning-based systems potentially unsuitable for security tasks and practical deployment. In this paper, we look at this problem with critical eyes. First, we identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We conduct a longitudinal study of 30 papers from top-tier security conferences within the past 10 years, confirming that these pitfalls are widespread in the current security literature. In an empirical analysis, we further demonstrate how individual pitfalls can lead to unrealistic performance and interpretations, obstructing the understanding of the security problem at hand. As a remedy, we derive a list of actionable recommendations to support researchers and our community in avoiding pitfalls, promoting a sound design, development, evaluation, and deployment of learning-based systems for computer security.


Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning

Learning-based pattern classifiers, including deep networks, have demons...

Don't Paint It Black: White-Box Explanations for Deep Learning in Computer Security

Deep learning is increasingly used as a basic building block of security...

Threat Assessment in Machine Learning based Systems

Machine learning is a field of artificial intelligence (AI) that is beco...

Security of OS-level virtualization technologies: Technical report

The need for flexible, low-overhead virtualization is evident on many fr...

AI-Driven Container Security Approaches for 5G and Beyond: A Survey

The rising use of microservices based software deployment on the cloud l...

Motivating the Rules of the Game for Adversarial Example Research

Advances in machine learning have led to broad deployment of systems wit...

UEFI virtual machine firmware hardening through snapshots and attack surface reduction

The Unified Extensible Firmware Interface (UEFI) is a standardised inter...
