Transcending Transcend: Revisiting Malware Classification with Conformal Evaluation

Add to your list(s) Download to your calendar using vCal

• Federico Barbero, University of Cambridge
• Tuesday 18 January 2022, 14:00-15:00
• Webinar - link on talks.cam page after 12 noon Tuesday.

If you have a question about this talk, please contact Kieron Ivy Turk.

Machine learning for malware classification shows encouraging results, but real deployments suffer from performance degradation as malware authors adapt their techniques to evade detection. This phenomenon, known as concept drift, occurs as new malware examples evolve and become less and less like the original training examples. One promising method to cope with concept drift is classification with rejection in which examples that are likely to be misclassified are instead quarantined until they can be expertly analyzed.

In this talk, I will discuss our IEEE S&P 2022 paper which proposes TRANSCENDENT , a rejection framework built on Transcend, a recently proposed strategy based on conformal prediction theory. In particular, I will hold your hand through the formal treatment of Transcend and the newly proposed conformal evaluators, with their different guarantees and computational properties. TRANSCENDENT outperforms state-of-the-art approaches while generalizing across various malware domains and classifiers. These insights support both old and new empirical findings, making Transcend a sound and practical solution for the first time.

This talk is part of the Computer Laboratory Security Seminar series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Cambridge talks
• Computer Laboratory Security Seminar
• Department of Computer Science and Technology talks and seminars
• Interested Talks
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• Webinar - link on talks.cam page after 12 noon Tuesday
• bld31

Note that ex-directory lists are not shown.