About: This session focuses on diverse methods for identifying, analyzing, and understanding various types of cyber threats and vulnerabilities, ranging from malware and code flaws to social and financial fraud.

MADAR: Efficient Continual Learning for Malware Analysis with Diversity-Aware Replay

Speaker: Mohammad Saidur Rahman

Author(s): Mohammad Saidur Rahman; Scott Coull; Qi Yu; Matthew Wright

This study proposes MADAR, a Continual Learning (CL) framework for malware classification, which addresses catastrophic forgetting by incorporating diversity-aware replay. It demonstrates improved detection accuracy for both Windows and Android malware datasets.

Reason. Search. Retrieve. Repeat. Iterative Retrieval for Automating Vulnerable Code Discovery

Speaker: Supriti Vijay

Author(s): Supriti Vijay; Aman Priyanshu

This paper presents a multi-turn retrieval architecture for automating vulnerable code discovery, where models iteratively generate and refine search queries. It introduces a reinforcement learning environment and dataset for training such strategies.

Social Attack Surfaces: Emerging Cybersecurity Threats in Open Source Collaboration

Speaker: Christopher Honaker

Author(s): Christopher Honaker

This research examines social interactions in open-source code repositories using a biased BERTopic model to identify emerging cybersecurity threats (e.g., the XZ Utils backdoor) by prioritizing negative sentiment and cybersecurity keywords.

Adversarial Machine Learning Attacks on Financial Reporting via Maximum Violated Multi-Objective Attack

Speaker: Edward Raff

Author(s): Edward Raff; Karen Kukla; Michel Benaroch; Joseph Comprix

This work explores Adversarial Machine Learning (AML) attacks on financial reporting, demonstrating how bad actors can manipulate financial statements to inflate earnings and reduce fraud scores simultaneously, highlighting a critical information security vulnerability in financial systems.