External Javascripts are not allowed

Machine Learning for Computer Security


General


SemesterSummer 2013
LecturerProf. Dr. Konrad Rieck
AssistantFabian Yamaguchi
Course typeLecture (UniVZ)
ModuleM.Inf.1224
ECTS (SWS)6 (4)
DateLecture: Tuesday, 10–12
Exercise: Wednesday, 10–12
LocationLecture: Informatik 2.101
Exercise: Informatik 1.101
StartLecture: 9.4.2013
Exercise: 10.4.2013
Audio recordingyes
AudienceApplied Computer Science MSc
Applied Computer Science BSc
ITIS MSc

Description


The course deals with the combination of machine learning and computer security. Approaches for automatically detecting and analyzing security threats are discussed. Topics include anomaly detection, automatic signature generation, classification and clustering of malicious software.

Topics

  • Basic concepts of machine learning
  • Analysis of structured data
  • Anomaly and intrusion detection
  • Clustering and classification of malware

  • Automatic signature generation
  • Vulnerability discovery
  • Evasion, poisoning and mimicry
  • Machine learning and privacy

Schedule

     Date Topic Slides Video Sheets
     09.04. Introductionxx
     16.04. Machine Learning in a Nutshellxx1
     23.04. Feature Spaces and Kernel Functionsxx2
     30.04. Tutorial: Numpy, Scipy and Matplotlibxx
     07.05. Learning-based Intrusion Detection Ixx3
     14.05. Learning-based Intrusion Detection IIxx4
     21.05. Automatic Signature Generationxx5
     28.05. Clustering of Malicious Softwarexx6
     04.06. Excursus: Deobfuscating Embedded Malwarexx7
     11.06. Vulnerability Discovery using Machine Learningxx8
     18.06. Adversarial Machine Learning
    (Guest: Dr. Pavel Laskov, University of Tübingen)
    xx
     25.06. Privacy Attacks using Machine Learningxx9
     02.07. Closing and Outlook (Theses Topics)x
     09.07. — written exam —

    Exam


    You need to solve 50% of the exercise sheets to take part in the written exam. The exam will take place on the 09.07.2013 from 10.00–12.00 in Room 2.101. You need to register for the exam with FlexNow (or at your Examination Office). The exam will be in English. Please do not bring any additional material to the exam.

    Results

       MD5 of matriculation number Grade Points
      e277742c98c271c3f28a48593a21fa3b2.041.5
      5f1e7f2c52b14dc48ba6e3a9709cc0872.041.5
      a2fa8e335f42aa3581728775a0e8a0601.742.5
      ee5cdcffe481a407f3428a7d2c66b05e2.339.5
      b1313a77d89fae3445785590cc09dc983.033.5
      2682dc0afd84531ecb66d4a44b7f8b142.040.0
      8bc480dbf0a339ef00825e69b779d0a81.345.5
      d40030489375f123bf6e556c719f2ecd2.734.5
      dc944797f57a8490cdf50dce958f0ff31.743.0
      2080c20764fef945ed691335118e2b561.047.5
      5268e056bf8d521d7e707cf1f79aa0235.023.0
      83704c8a2d269ac292f266220d07bcc22.339.5
      3cfe85e06340521fd06ffc15fb8a815b3.330.0

      results


      Mailing List


      There is a mailing list for the lecture. News and updates regarding the schedule are posted to this list. Furthermore, the list allows students to discuss topics of the lecture. You can register for the mailing list here.

      IRC Channel


      All students of the course are encouraged to join the IRC channel #goesec on EFnet. The channel is used as a platform for discussing and chatting about computer security in a casual atmosphere.

      References

      • Duda, Hart and Stork: Pattern Classification. Wiley & Sons 2001
      • Shawe-Taylor & Cristianini. Kernel Methods for Pattern Analysis. Cambridge 2004.
      • Gollmann: Computer Security. Wiley & Sons, 2011
      • Szor: The Art of Computer Virus Research and Defense. Addison-Wesley, 2005
      • More references will be announced in each lecture