publication . Preprint . 2017

Attacking Machine Learning models as part of a cyber kill chain

Nguyen, Tam N.
Open Access English
  • Published: 01 May 2017
Abstract
Machine learning is gaining popularity in the network security domain as many more network-enabled devices get connected, as malicious activities become stealthier, and as new technologies like Software Defined Networking emerge. Compromising a machine learning model is a desirable goal. In fact, spammers have been quite successful at getting through machine-learning-enabled spam filters for years. While previous work has been done on adversarial machine learning, none has considered it within a defense-in-depth environment, in which correct classification alone may not be good enough. For the first time, this paper proposes a cyber kill-chain for attacking machi...
Subjects
free text keywords: Computer Science - Cryptography and Security
