Making & Breaking Machine Learning Systems
Making & Breaking Machine Learning Systems is a fast paced session on machine learning from the Infosec professional’s point of view. The class is designed with the goal of providing students with a handson introduction to machine learning concepts and systems, as well as making and breaking security applications powered by machine learning. The lab session is designed with security usecases in mind, since using machine learning in security is very different from using it in other situations. Students will get first hand experience at cleaning data, implementing machine learning security programs, and performing penetration tests of these systems. Each attendee will be provided with a comprehensive virtual machine programming environment that is preconfigured for the tasks in the class, as well as any future machine learning experimentation and development that they will do. This environment consist of all of the most essential machine learning libraries and programming environments friendly to even novices at machine learning. At the end of the class, students will be put through a CTF challenge that will test the machine learning development and exploitation skills that they have learned over the course in a realistic environment.
What to Bring
- Latest version of VirtualBox Installed
- Administrative access on your laptop with external USB allowed
- At least 20 GB free hard disk space
- At least 4 GB RAM (the more the better)
- Basic familiarity with Linux
- Python scripting knowledge is a plus, but not essential
Who Should Attend?
- Security Professionals
- Web Application Pentesters
- Software/application developers
- People interested to start using machine learning for security
What to expect?
- Familiarizing yourself with popular machine learning algorithms and how to adapt these for different problems
- How to clean and sanitize data using powerful data processing libraries in Python
- How to build a spam classifier and online anomaly detection system in Python
- How to do performance evaluations of machine learning classifiers
- Examples for using machine learning in intrusion detection, botnet detection, phishing detection, web vulnerability analysis, malware classification, and behavioural analysis
- Perform tuning of machine learning systems to improve classification/detection results
- Perform security evaluations and penetration tests on machine learning systems
- Fuzzing machine learning classifiers
- How to avoid vulnerabilities in machine learning system and algorithm design
- How to use Apache Spark to design scalable and distributed realtime machine learning systems
- Write your own machine learning captcha solver
What not to expect?
To be a machine learning expert in just two days. This training will impart you all the necessary skills to start building security software using machine learning and teach the lesser known ways of exploiting such systems. Students need to put in further work and use the skills learnt in the class to continue their explorations in machine learning and keep up with the latest developments in this fast evolving field.