There is an emerging arms race in the field of adversarial machine learning. Recent results suggest that machine learning systems are vulnerable to a wide range of attacks; meanwhile, there are no systematic defenses. In this talk, I will discuss what a similar arms race, which unfolded over the past 30 years in the field of malware detection, can teach us about the security of machine learning. I will use the lessons learned from malware research as a vehicle for highlighting both challenges and promising research directions for using machine learning under adversarial pressure.
Tudor Dumitras is an Associate Professor in the Electrical and Computer Engineering Department at the University of Maryland, College Park. His research focuses on data-driven security: he studies real-world adversaries empirically, he builds machine learning systems for detecting attacks and predicting security incidents, and he investigates the security of machine learning in adversarial environments. In his previous role at Symantec Research Labs he built the Worldwide Intelligence Network Environment (WINE), a data analytics platform for security research. His work on the effectiveness of certificate revocations in the Web PKI was featured in the Research Highlights of the Communications of the ACM in 2018, and his measurement of the duration and prevalence of zero-day attacks received an Honorable Mention in the NSA competition for the Best Scientific Cybersecurity Paper of 2012. He also received the 2011 A. G. Jordan Award from the ECE Department at Carnegie Mellon University, the 2009 John Vlissides Award from ACM SIGPLAN, and the Best Paper Award at ASP-DAC 2003. Tudor holds a Ph.D. degree from Carnegie Mellon University.