About: This session focuses on diverse methods for identifying, analyzing, and understanding various types of cyber threats and vulnerabilities, ranging from malware and code flaws to social and financial fraud.
MADAR: Efficient Continual Learning for Malware Analysis with Diversity-Aware Replay
Speaker: Mohammad Saidur Rahman
This study proposes MADAR, a Continual Learning (CL) framework for malware classification, which addresses catastrophic forgetting by incorporating diversity-aware replay. It demonstrates improved detection accuracy for both Windows and Android malware datasets.
Reason. Search. Retrieve. Repeat. Iterative Retrieval for Automating Vulnerable Code Discovery
Speaker: Supriti Vijay
This paper presents a multi-turn retrieval architecture for automating vulnerable code discovery, where models iteratively generate and refine search queries. It introduces a reinforcement learning environment and dataset for training such strategies.
Social Attack Surfaces: Emerging Cybersecurity Threats in Open Source Collaboration
Speaker: Christopher Honaker
This research examines social interactions in open-source code repositories using a biased BERTopic model to identify emerging cybersecurity threats (e.g., the XZ Utils backdoor) by prioritizing negative sentiment and cybersecurity keywords.
Adversarial Machine Learning Attacks on Financial Reporting via Maximum Violated Multi-Objective Attack
Speaker: Edward Raff
This work explores Adversarial Machine Learning (AML) attacks on financial reporting, demonstrating how bad actors can manipulate financial statements to inflate earnings and reduce fraud scores simultaneously, highlighting a critical information security vulnerability in financial systems.