Presentation information

ML Security Evasion Competition 2020
FREE REGISTRATION

ML Security Evasion Competition 2020

Zoltan Balazs (CUJO AI) & Hyrum Anderson (Microsoft)
live only
16:30 UTC on Day 3
FRIDAY 02 OCTOBER

Downloads

Research attacking ML-based image classifiers is common, but it is less frequent to see a study on how someone can bypass ML-based malware detection. In 2019, we organized a contest where participants had to modify Windows malware in such a way that the provided three ML engines do not detect it. However, the modified sample is still functionally equivalent to the original binary. As it turned out, it is not that hard to come up with a generic solution which can bypass all three engines. In this presentation, we will discuss the details of the contests from 2020 and 2019, some of the techniques used by the participants (packing, overlays, adding sections), and information on the defensive tracks.
Zoltan Balazs
CUJO AI Zoltan is the Head of Vulnerability Research Lab at CUJO AI, a company focusing on smart home security.

Before joining CUJO AI he worked as CTO for an AV testing company, as an IT security expert in the financial industry for five years, and as a senior IT security consultant at one of the Big Four companies for two years. His primary areas of expertise are penetration testing, malware analysis, computer forensics and security monitoring. He released the Zombie Browser Tool that has POC malicious browser extensions for Firefox, Chrome and Safari. He is also the developer of the Hardware Firewall Bypass Kernel Driver (HWFWBypass), the Encrypted Browser Exploit Delivery tool (#IRONSQUIRREL) and the Sandbox tester tool to test malware analysis sandboxes.

He found and disclosed a vulnerability in IP cameras, which was exploited by the Persirai botnet, running on ˜600 000 cameras.
Hyrum Anderson
Microsoft Hyrum Anderson is Principal Architect in the Azure Trustworthy Machine Learning Group at Microsoft. Prior to joining Microsoft, he was Chief Scientist at Endgame, and conducted research in information security and situational awareness at FireEye, Mandiant, Sandia National Laboratories, and MIT Lincoln Laboratory. He received his Ph.D. in electrical engineering (signal processing + machine learning) from the University of Washington and B.S. and M.S. degrees from Brigham Young University.

Hyrum is cofounder and co-chair of the Conference on Applied Machine Learning in Information Security and has spoken at numerous signal processing, machine learning and security conferences, including RSA, DEFCON and BlackHat.
arrow left Back

ML Security Evasion Competition 2020

16:30 - 17:00 UTC Fri 2 Oct 2020
Zoltan Balazs (CUJO AI) & Hyrum Anderson (Microsoft)
Research attacking ML-based image classifiers is common, but it is less frequent to see a study on how someone can bypass ML-based malware detection. In 2019, we organized a contest where participants had to modify Windows malware in such a way that the provided three ML engines do not detect it. However, the modified sample is still functionally equivalent to the original binary. As it turned out, it is not that hard to come up with a generic solution which can bypass all three engines. In this presentation, we will discuss the details of the contests from 2020 and 2019, some of the techniques used by the participants (packing, overlays, adding sections), and information on the defensive tracks.
Zoltan Balazs
CUJO AI Zoltan is the Head of Vulnerability Research Lab at CUJO AI, a company focusing on smart home security.

Before joining CUJO AI he worked as CTO for an AV testing company, as an IT security expert in the financial industry for five years, and as a senior IT security consultant at one of the Big Four companies for two years. His primary areas of expertise are penetration testing, malware analysis, computer forensics and security monitoring. He released the Zombie Browser Tool that has POC malicious browser extensions for Firefox, Chrome and Safari. He is also the developer of the Hardware Firewall Bypass Kernel Driver (HWFWBypass), the Encrypted Browser Exploit Delivery tool (#IRONSQUIRREL) and the Sandbox tester tool to test malware analysis sandboxes.

He found and disclosed a vulnerability in IP cameras, which was exploited by the Persirai botnet, running on ˜600 000 cameras.
Hyrum Anderson
Microsoft Hyrum Anderson is Principal Architect in the Azure Trustworthy Machine Learning Group at Microsoft. Prior to joining Microsoft, he was Chief Scientist at Endgame, and conducted research in information security and situational awareness at FireEye, Mandiant, Sandia National Laboratories, and MIT Lincoln Laboratory. He received his Ph.D. in electrical engineering (signal processing + machine learning) from the University of Washington and B.S. and M.S. degrees from Brigham Young University.

Hyrum is cofounder and co-chair of the Conference on Applied Machine Learning in Information Security and has spoken at numerous signal processing, machine learning and security conferences, including RSA, DEFCON and BlackHat.