Web Content Filtering through knowledge distillation of Large Language Models

no code implementations • 8 May 2023 • Tamás Vörös, Sean Paul Bergeron, Konstantin Berlin

We introduce a state-of-the-art approach for URL categorization that leverages the power of Large Language Models (LLMs) to address the primary objectives of web content filtering: safeguarding organizations from legal and ethical risks, limiting access to high-risk or suspicious websites, and fostering a secure and professional work environment.

Knowledge Distillation

That Escalated Quickly: An ML Framework for Alert Prioritization

no code implementations • 13 Feb 2023 • Ben Gelman, Salma Taoufiq, Tamás Vörös, Konstantin Berlin

In place of in-house solutions, organizations are increasingly moving towards managed services for cyber defense.

AI Total: Analyzing Security ML Models with Imperfect Data in Production

no code implementations • 13 Oct 2021 • Awalin Sopan, Konstantin Berlin

Development of new machine learning models is typically done on manually curated data sets, making them unsuitable for evaluating the models' performance during operations, where the evaluation needs to be performed automatically on incoming streams of new data.

BIG-bench Machine Learning

A Simple and Agile Cloud Infrastructure to Support Cybersecurity Oriented Machine Learning Workflows

no code implementations • 26 Feb 2020 • Konstantin Berlin, Ajay Lakshminarayanarao

Generating up to date, well labeled datasets for machine learning (ML) security models is a unique engineering challenge, as large data volumes, complexity of labeling, and constant concept drift makes it difficult to generate effective training datasets.

BIG-bench Machine Learning

Learning from Context: Exploiting and Interpreting File Path Information for Better Malware Detection

1 code implementation • 16 May 2019 • Adarsh Kyadige, Ethan M. Rudd, Konstantin Berlin

In this paper, we propose utilizing a static source of contextual information -- the path of the PE file -- as an auxiliary input to the classifier.

Malware Detection

Automatic Malware Description via Attribute Tagging and Similarity Embedding

2 code implementations • 15 May 2019 • Felipe N. Ducau, Ethan M. Rudd, Tad M. Heppner, Alex Long, Konstantin Berlin

With the rapid proliferation and increased sophistication of malicious software (malware), detection methods no longer rely only on manually generated signatures but have also incorporated more general approaches like machine learning detection.

Attribute BIG-bench Machine Learning +2

ALOHA: Auxiliary Loss Optimization for Hypothesis Augmentation

1 code implementation • 13 Mar 2019 • Ethan M. Rudd, Felipe N. Ducau, Cody Wild, Konstantin Berlin, Richard Harang

In this work, we fit deep neural networks to multiple additional targets derived from metadata in a threat intelligence feed for Portable Executable (PE) malware and benignware, including a multi-source malicious/benign loss, a count loss on multi-source detections, and a semantic malware attribute tag loss.

Attribute Malware Detection +1

eXpose: A Character-Level Convolutional Neural Network with Embeddings For Detecting Malicious URLs, File Paths and Registry Keys

2 code implementations • 27 Feb 2017 • Joshua Saxe, Konstantin Berlin

For years security machine learning research has promised to obviate the need for signature based detection by automatically learning to detect indicators of attack.

BIG-bench Machine Learning Intrusion Detection

Deep Neural Network Based Malware Detection Using Two Dimensional Binary Program Features

4 code implementations • 13 Aug 2015 • Joshua Saxe, Konstantin Berlin

Further, we confirm our false positive rates directly on a live stream of files coming in from Invincea's deployed endpoint solution, provide an estimate of how many new binary files we expected to see a day on an enterprise network, and describe how that relates to the false positive rate and translates into an intuitive threat score.

Cryptography and Security