Exploring the bleeding edge intersection between Deep Learning and Security
Deep learning has made huge advances and impact in many areas of computer science such as vision, speech, NLP, and robotics. Many exciting research questions lie in the intersection of security and deep learning.
First, how will these deep learning systems behave in the presence of adversaries? Research has shown that many of the state-of-the-art deep learning systems can be easily fooled by adversarial examples. We will explore fundamental questions in this area including what types of attacks are possible on deep learning systems, why they exist, and how we can defend against them.
Second, how can deep learning techniques help security applications? We will explore this area and study example security applications using deep learning techniques including program binary analysis, password security analysis, malware detection and fraud detection.
This year we will also have a Research Forum on Dec 14. Submission deadline is on Nov 5, 2017.
Professor
University of California, Berkeley
Assistant Professor
National University of Singapore
Meet our invited speakers
Our programme for the event
Networks and graphs are prevalent in many real-world applications such as online social networks, transactions in payment platforms, user-item interactions in recommendation systems and relational information in knowledge bases. The availability of a large amount of graph data has posed great new challenges. How to represent such data to capture similarities or differences between involved entities? How to learn predictive models and perform reasoning based on a large amount of such data? Previous deep learning models, such as CNN and RNN, are designed for images and sequences, but they are not applicable to graph data.
In this talk, I will present an embedding framework, called Structure2Vec, for learning representation for graph data in an end-to-end fashion. Structure2Vec provides a unified framework for integrating information from node characteristics, edge features, heterogeneous network structures and network dynamics, and linking them to downstream supervised and unsupervised learning, and reinforcement learning. I will also discuss several applications in security analytics where Structure2Vec leads to significant improvement over previous state-of-the-arts.
Le Song
Most enterprises provide Web services open to the public and thus are prone to Web attacks. Among these attacks, SQL Injection (SQLi) is a very serious threat, which could lead to catastrophic data leaking and loss. Lots of research effort has since been devoted to SQLi detection, and heuristic rule-based Web Application Firewalls (WAFs) were invented and deployed for protection. However, subtle and carefully crafted SQLi attacks can still easily hide themselves from being detected. Deep learning methods were introduced in recent years and they have shown great strength in learning and describing complex semantic content. In this talk, we present a CNN-based SQLi detection implementation, which can also propose locations of suspect attack payloads within a URL request. Experimental results show that our implementation outperforms a leading method called Libinjection and our current version of Alibaba Cloud WAF.
Liang Shi, Tianlong Liu, Min Ye
The proliferation of interconnected sensors all around us opens up new opportunities and challenges in machine learning, security, and authentication. This talk covers our real world experience in developing an implicit authentication platform using deep learning on sensor data and user behavior. Humans are creatures of habit and there are unique behavioral aspects in the way people walk, type, and move that are both unique and consistent. We have developed a solution that can achieve a high level of accuracy (>99.999%) based purely on passive factors, without requiring any conscious user action.
Developing an implicit authentication solution that works in the real world requires a creative application of machine learning as well as new innovations and techniques. We will cover some of the challenges that we have encountered applying deep learning techniques to user authentication in the real world.
John Whaley
Info about poster presentations
I will talk about what machine learning privacy is, and will discuss how and why machine learning models leak information about the individual data records on which they were trained. My quantitative analysis will be based on the fundamental membership inference attacks: given a data record and (black-box) access to a model, determine if a record was in the model’s training set. I will demonstrate how to build such inference attacks on different classification models e.g., trained by commercial “machine learning as a service” providers such as Google and Amazon.
Reza Shokri
Deep Learning models are vulnerable to adversarial attacks, which can reliably cause the models to misbehave, for example convincing an image classifier that an image of a cat is actually a dog. We will discuss some of the recent attacks and attempts at defending against such attacks, and look at how adversarial attacks may be harnessed to improve the robustness of Deep Learning models.
Ian Fischer
As a kind of biometrics, fingerprint recognition is very popular and is used all over the world, for example in mobile phones, access control systems, and so on. As everyone thinks, fingerprint recognition is more secure than other methods, such as passwords, and it is very difficult to clone a fingerprint, for example to use it to unlock the screen of a mobile phone. But we have found a way to easily capture and clone a person’s fingerprint. It is fast and low cost. We will show you how to clone a fingerprint with paper and a foam pad in a few minutes. In consideration of the subject of this meeting, we will show our research on how to find a fingerprint using Fast RCNN, Fast Region-based Convolutional Networks for object detection. We just want to talk about how to solve security problems with deep learning, and how to operate in actual situations.
Gao Shupeng
Info about poster presentations
Google Research
Ian Fischer is a Machine Learning researcher at Google. His recent work spans topics in computer vision, adversarial machine learning and robustness, generative models, and reinforcement learning.
UnifyID
John Whaley is Founder and CEO of UnifyID. He was previously Founder and CTO of Moka5, and was a Visiting Lecturer in Computer Science at Stanford. He is an expert in computer security and has spoken at numerous conferences and industry events. He holds a doctorate in computer science from Stanford University, where he made key contributions to the fields of program analysis, compilers, and virtual machines. He is the winner of numerous awards including the Arthur L. Samuel Thesis Award for Best Thesis at Stanford, and has worked at IBM’s T.J. Watson Research Center and Tokyo Research Lab. John was named one of the top 15 programmers in the USA Computing Olympiad. He also holds bachelor’s and master’s degrees in computer science from MIT.
Georgia Institute of Technology
Ant Financial
Le Song is an Associate Professor in the Department of Computational Science and Engineering, College of Computing, and an Associate Director of the Center for Machine Learning, Georgia Institute of Technology. Le is also working with Ant Financial AI Department on risk management, security and finance related problems. He received his Ph.D. in Machine Learning from University of Sydney and NICTA in 2008, and then conducted his post-doctoral research in the Department of Machine Learning, Carnegie Mellon University, between 2008 and 2011. Before he joined Georgia Institute of Technology in 2011, he was a research scientist at Google briefly. His principal research direction is machine learning, especially nonlinear models, such as kernel methods and deep learning, and probabilistic graphical models for large scale and complex problems, arising from artificial intelligence, network analysis and other interdisciplinary domains. He is the recipient of the Recsys’16 Deep Learning Workshop Best Paper Award, AISTATS'16 Best Student Paper Award, IPDPS'15 Best Paper Award, NSF CAREER Award’14, NIPS’13 Outstanding Paper Award, and ICML’10 Best Paper Award. He has also served as the area chair or senior program committee for many leading machine learning and AI conferences such as ICML, NIPS, AISTATS, AAAI and IJCAI. He is also the action editor for JMLR, and associate editor for IEEE PAMI.
Alibaba Cloud Security
Liang Shi, currently a Staff Expert & Manager of the Security Data Science team at Alibaba Cloud Security, worked as Sr. Data Scientist for Pivotal, Sr. Security Researcher for Intel Security, and Software Engineer for Microsoft. He concentrates on security R&D using machine learning and data mining. He got his Ph.D. in computer science and M.S. in statistics from University of Georgia.
Alibaba Cloud Security
Min Ye is a Senior Security Expert at Alibaba Cloud. He leads Alibaba Cloud’s security research team, which has done extensive research on security attacks and defenses to improve their security products. His fields of interest include intrusion detection and prevention, web security, malware analysis, and security data analysis. Currently he is mainly focused on applying machine learning to attack and malware detection.
National University of Singapore
Reza Shokri is a computer science assistant professor at National University of Singapore. He is an active member of the security and privacy community, and his research focuses on data and computational privacy. He received his PhD from EPFL.
Alibaba Cloud Security
Tianlong Liu is a Senior Algorithm Engineer working in Alibaba Cloud Security. The primary area of focus for his work has been in machine learning and deep learning. He got his M.S. in software engineering from South China University of Technology.