King's College London

Research portal

Prescience: Probabilistic Guidance on the Retraining Conundrum for Malware Detection

Research output: Chapter in Book/Report/Conference proceedingConference paper

Amit Deo, Santanu Kumar Dash, Guillermo Suarez-Tangil, Vladimir Vovk, Lorenzo Cavallaro

Original languageEnglish
Title of host publicationACM Workshop on Artificial Intelligence and Security (AISec)
DOIs
Publication statusPublished - 28 Oct 2016

Bibliographical note

Acceptance Rate: 32%

Documents

King's Authors

Abstract

Malware evolves perpetually and relies on increasingly sophisticated
attacks to supersede defense strategies. Datadriven
approaches to malware detection run the risk of becoming
rapidly antiquated. Keeping pace with malware
requires models that are periodically enriched with fresh
knowledge, commonly known as retraining. In this work,
we propose the use of Venn-Abers predictors for assessing
the quality of binary classification tasks as a first step towards
identifying antiquated models. One of the key bene-
fits behind the use of Venn-Abers predictors is that they are
automatically well calibrated and offer probabilistic guidance
on the identification of nonstationary populations of
malware. Our framework is agnostic to the underlying classification
algorithm and can then be used for building better
retraining strategies in the presence of concept drift. Results
obtained over a timeline-based evaluation with about 90K
samples show that our framework can identify when models
tend to become obsolete.

Download statistics

No data available

View graph of relations

© 2018 King's College London | Strand | London WC2R 2LS | England | United Kingdom | Tel +44 (0)20 7836 5454