The idea of using machine learning (ML) to solve problems in security domains is almost three decades old. However, as information and communications grow more ubiquitous and more data become available, many security risks have arisen. Consequently, research on applying and designing ML algorithms and systems for security has grown fast, ranging from intrusion detection systems (IDS) and malware classification to security policy management (SPM) and information leak checking.
Parvez Ahammad systematically analyzes the methods, algorithms, and system designs in academic publications from 2008 to 2015 that applied ML in security domains. 98 percent of the surveyed papers appeared in the six highest-ranked academic security conferences or a major conference known for pioneering ML applications in security. Parvez examines the generalized system designs, underlying assumptions, measurements, and use cases in active research and shares a taxonomy on ML paradigms and security domains for future exploration and exploitation and an agenda detailing open and upcoming challenges for applying ML in security. Parvez also explores treating security as a game theory problem instead of a batch-trained ML problem.
ML applications in security domains are attracting academic research attention as well as industrial interest, presenting a valuable opportunity for researchers to navigate the landscapes between ML theories and security applications. Apart from highlighting that semisupervised and unsupervised ML paradigms are more effective in utilizing unlabeled data, and hence ease the difficulty of obtaining labeled data, and that Game Theory (GT)-based ML paradigms and human-in-the-loop (HITL) ML system designs will become more influential in dealing with semi-aggressive and aggressive attackers, Parvez presents seven speculations of future trends.
Parvez Ahammad leads the data science and machine learning efforts at Instart Logic. His group is focused on creating data-driven algorithms and innovative product features that optimize and secure web application delivery at scale. He has applied machine learning in a variety of domains, most recently to computational neuroscience, web application delivery and web application security. Along the way, he has mentored data scientists, built teams and has had to grapple with issues like explainability and interpretability of ML systems, insufficient amount of labeled data, scalability, ethics, and adversaries who target ML models. Parvez holds a PhD in electrical engineering and computer sciences from UC Berkeley, with an emphasis in computer vision and machine learning.
©2017, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com
Apache Hadoop, Hadoop, Apache Spark, Spark, and Apache are either registered trademarks or trademarks of the Apache Software Foundation in the United States and/or other countries, and are used with permission. The Apache Software Foundation has no affiliation with and does not endorse, or review the materials provided at this event, which is managed by O'Reilly Media and/or Cloudera.