Machine Learning for Computer Security

At this year's CCS conference there will be a special ACM workshop on artificial intelligence for security, named AISec. The call for papers and further information on the workshop are available at the workshop site www.aisec.info.

This looks like some pretty interesting event. The deadline for submissions of full papers is the 9th May 2008. Proceedings will be published by the ACM.

In case you missed it, there is a new track in JMLR dedicated to open source software for machine learning (MLOSS). As a first result of this effort, a community-driven web site has been started providing a platform for distribution and discussion of open machine learning software. The web site is available at www.mloss.org and features a large body of learning software to download.

I like it a lot and plan to submit some of my recent software projects; given they reach a mature state (which of course might never happen).

There is an interesting paper at this year's IEEE S&P: Gabriela Cretu and colleagues propose a method for sanitizing of training data for anomaly detection. The sanitization procedure essentially builds on learning small models from random samples and performing majority voting. Sounds familiar? This is another variant of bagging, here in the context of security for removal of unknown attacks from training data.

Casting out Demons: Sanitizing Training Data for Anomaly Sensors. To appear in the Proceedings of the IEEE Symposium on Security & Privacy, May 2008, Oakland, CA.

A small nit: I missed a comparison to anomaly detection methods capable to learn on dirty data, and thus eliminating the need of prior sanitization. But anyway...