Exploiting Machine Learning to Subvert Your Spam Filter

Using statistical machine learning for making security decisions introduces new vulnerabilities in large scale systems. This paper shows how an adversary can exploit statistical machine learning, as used in the SpamBayes spam filter, to render it useless—even if the adversary’s access is limited to only 1 % of the training messages. We further demonstrate a new class of focused attacks that successfully prevent victims from receiving specific email messages. Finally, we introduce two new types of defenses against these attacks.

On the security of machine learning in malware C & C detection:a survey

One of the main challenges in security today is defending against malware attacks. As trends and anecdotal evidence show, preventing these attacks, regardless of their indiscriminate or targeted nature, has proven difficult: intrusions happen and devices get compromised, even at security-conscious organizations. As a consequence, an alternative line of work has focused on detecting and disrupting the individual steps that follow an initial compromise and are essential for the successful progression of the attack. In particular, several approaches and techniques have been proposed to identify the command and control (C&C) channel that a compromised system establishes to communicate with its controller. A major oversight of many of these detection techniques is the design's resilience to evasion attempts by the well-motivated attacker. C&C detection techniques make widespread use of a machine learning (ML) component. Therefore, to analyze the evasion resilience of these detection techniques, we first systematize works in the field of C&C detection and then, using existing models from the literature, go on to systematize attacks against the ML components used in these approaches

Machine Learning Security

Abstrac

Applications in security and evasions in machine learning : a survey

In recent years, machine learning (ML) has become an important part to yield security and privacy in various applications. ML is used to address serious issues such as real-time attack detection, data leakage vulnerability assessments and many more. ML extensively supports the demanding requirements of the current scenario of security and privacy across a range of areas such as real-time decision-making, big data processing, reduced cycle time for learning, cost-efficiency and error-free processing. Therefore, in this paper, we review the state of the art approaches where ML is applicable more effectively to fulfill current real-world requirements in security. We examine different security applications' perspectives where ML models play an essential role and compare, with different possible dimensions, their accuracy results. By analyzing ML algorithms in security application it provides a blueprint for an interdisciplinary research area. Even with the use of current sophisticated technology and tools, attackers can evade the ML models by committing adversarial attacks. Therefore, requirements rise to assess the vulnerability in the ML models to cope up with the adversarial attacks at the time of development. Accordingly, as a supplement to this point, we also analyze the different types of adversarial attacks on the ML models. To give proper visualization of security properties, we have represented the threat model and defense strategies against adversarial attack methods. Moreover, we illustrate the adversarial attacks based on the attackers' knowledge about the model and addressed the point of the model at which possible attacks may be committed. Finally, we also investigate different types of properties of the adversarial attacks

Online Network Forensics for Automatic Repair Validation

Automated intrusion prevention and self-healing software are active areas of security systems research. A major hurdle for the widespread deployment of these systems is that many system administrators lack confidence in the quality of the generated fixes. Thus, a key requirement for future self-healing software is that each automatically-generated fix must be validated before deployment. Under the response rates required by self-healing systems, we believe such verification must proceed automatically. We call this process Automatic Repair Validation (ARV). We describe the design and implementation of Bloodhound, a system that tags and tracks information between the kernel and the application and correlates symptoms of exploits (such as memory errors) with high-level data (e.g., network flows). By doing so, Bloodhound can replay the flows that triggered the repair process against the newly healed application to help show that the repair is accurate (i.e., it defeats the exploit). We show through experimentation a performance impact of as little as 2.6%

The Structural Basis of Coenzyme A Recycling in a Bacterial Organelle.

Bacterial Microcompartments (BMCs) are proteinaceous organelles that encapsulate critical segments of autotrophic and heterotrophic metabolic pathways; they are functionally diverse and are found across 23 different phyla. The majority of catabolic BMCs (metabolosomes) compartmentalize a common core of enzymes to metabolize compounds via a toxic and/or volatile aldehyde intermediate. The core enzyme phosphotransacylase (PTAC) recycles Coenzyme A and generates an acyl phosphate that can serve as an energy source. The PTAC predominantly associated with metabolosomes (PduL) has no sequence homology to the PTAC ubiquitous among fermentative bacteria (Pta). Here, we report two high-resolution PduL crystal structures with bound substrates. The PduL fold is unrelated to that of Pta; it contains a dimetal active site involved in a catalytic mechanism distinct from that of the housekeeping PTAC. Accordingly, PduL and Pta exemplify functional, but not structural, convergent evolution. The PduL structure, in the context of the catalytic core, completes our understanding of the structural basis of cofactor recycling in the metabolosome lumen

Transcriptional Insights of Oxidative Stress and Extracellular Traps in Lung Tissues of Fatal COVID-19 Cases.

Neutrophil extracellular traps (NETs) and oxidative stress are considered to be beneficial in the innate immune defense against pathogens. However, defective clearance of NETs in the lung of acute respiratory syndrome coronavirus 2 (SARS-CoV-2)-infected patients could lead to severe respiratory syndrome infection, the so-called coronavirus disease 2019 (COVID-19). To elucidate the pathways that are related to NETs within the pathophysiology of COVID-19, we utilized RNA sequencing (RNA-seq) as well as immunofluorescence and immunohistochemistry methods. RNA-seq analysis provided evidence for increased oxidative stress and the activation of viral-related signaling pathways in post-mortem lungs of COVID-19 patients compared to control donors. Moreover, an excess of neutrophil infiltration and NET formation were detected in the patients' lungs, where the extracellular DNA was oxidized and co-localized with neutrophil granule protein myeloperoxidase (MPO). Interestingly, staining of the lipid peroxidation marker 4-hydroxynonenal (4-HNE) depicted high colocalization with NETs and was correlated with the neutrophil infiltration of the lung tissues, suggesting that it could serve as a suitable marker for the identification of NETs and the severity of the disease. Moreover, local inhalation therapy to reduce the excess lipid oxidation and NETs in the lungs of severely infected patients might be useful to ameliorate their clinical conditions