TU Wien:Machine Learning for Computer Security VU (Arp)

From VoWi

Data

Lecturer Daniel Christopher Arp
ECTS 6.0
Last held 2025W
Language English
Mattermost machine-learning-for-computer-security
Links tiss:192172
Assignments
Master's programme Software Engineering & Internet Computing, module Artificial Intelligence for Computer Security * (restricted elective)


Content

still open; please do not copy from TISS/u:find or the course homepage, but describe the course from a student's perspective.

Course structure

still open

Required/recommended prior knowledge

still open

Lectures

still open

Exercises

still open

Exam, grading

2 tests, each with a true/false part and an open-question part:

2025W T/F Exam 1:

Expected Risk vs. Empirical Risk
  1. A loss function interpolates the expected risk between two samples. | False | A loss function measures prediction error; it does not interpolate risk. Expected risk is an expectation over the data distribution — unrelated to interpolation. |
  2. The empirical risk is always greater than zero. | False | Empirical risk can be zero if the model perfectly fits the training data (e.g., zero loss). |
  3. The empirical risk is an approximation of the expected risk. | True | Stated directly in the lecture: the empirical risk on the training data is minimized as a proxy for the expected risk, which cannot be computed because the data distribution is unknown. |
  4. The average loss on the dataset is the same as the empirical risk. | True | Empirical risk is defined as the average loss over the training samples. |
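The four statements above all come down to one definition: empirical risk is the average loss on the finite training set, expected risk is the average loss over the whole (unknown) data distribution. The script below is an added illustration, not part of the course material or the exam. It constructs a toy distribution whose sampling process is known (an assumption of the example), so the expected risk can be estimated by drawing fresh samples, and contrasts a sensible threshold model with a model that just memorizes its training set: the memorizer reaches empirical risk exactly zero (statement 2) while its expected risk is about 0.5, i.e. no better than guessing.

```python
import random
from typing import Callable, Dict, List, Tuple

Sample = Tuple[float, int]          # (feature x, label y)
Predictor = Callable[[float], int]


def zero_one_loss(y_pred: int, y_true: int) -> float:
    """Loss on one sample: 1 for a wrong prediction, 0 for a correct one."""
    return 0.0 if y_pred == y_true else 1.0


def empirical_risk(predict: Predictor, data: List[Sample]) -> float:
    """Empirical risk = average loss over a finite dataset."""
    return sum(zero_one_loss(predict(x), y) for x, y in data) / len(data)


def draw_samples(n: int, rng: random.Random) -> List[Sample]:
    """Constructed data distribution (an assumption of this example):
    x ~ Uniform(0, 1), y = 1 iff x > 0.5, then each label is flipped with
    probability 0.1. The best possible classifier therefore has expected risk 0.1."""
    data = []
    for _ in range(n):
        x = rng.random()
        y = 1 if x > 0.5 else 0
        if rng.random() < 0.1:
            y = 1 - y
        data.append((x, y))
    return data


def estimate_expected_risk(predict: Predictor, rng: random.Random,
                           n: int = 200_000) -> float:
    """Monte-Carlo estimate of the expected risk: average loss on a large fresh
    sample. Possible here because we own the distribution; a real detector only
    ever sees a finite training set and must use the empirical risk as a proxy."""
    return empirical_risk(predict, draw_samples(n, rng))


def threshold_model(x: float) -> int:
    """A model of the right complexity: majority label on each side of 0.5."""
    return 1 if x > 0.5 else 0


def memorizing_model(train: List[Sample]) -> Predictor:
    """A lookup table over the training set: zero training loss, but it has
    learned nothing about inputs it has not seen (a pure overfit)."""
    table = {x: y for x, y in train}

    def predict(x: float) -> int:
        return table.get(x, 0)      # unseen input: fall back to label 0
    return predict


def demo(seed: int = 0, n_train: int = 50) -> Dict[str, float]:
    """Empirical risk on the training set vs. estimated expected risk, both models."""
    rng = random.Random(seed)
    train = draw_samples(n_train, rng)
    memorizer = memorizing_model(train)
    return {
        "threshold_empirical": empirical_risk(threshold_model, train),
        "threshold_expected": estimate_expected_risk(threshold_model, rng),
        "memorizer_empirical": empirical_risk(memorizer, train),
        "memorizer_expected": estimate_expected_risk(memorizer, rng),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:>20}: {value:.3f}")
```

The threshold model's empirical risk fluctuates around 0.1 with only 50 training samples, which is the sense in which the empirical risk "approximates" the expected risk (statements 3 and 4): it is an unbiased but noisy estimate, and it is exactly the kind of estimate an overfitted model makes look far better than it is.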
Underfitting
  1. The error on the training data is low. | False | Underfitting → high training error (model too simple). |
  2. The error on the test data is low. | False | Underfit models generalize poorly → test error also high. |
  3. Increasing the model complexity would help. | True | A more expressive model reduces underfitting. |
  4. Cross-validation reduces the risk of underfitting. | False | CV detects over/underfitting but does not reduce underfitting itself. |
Static vs Dynamic Malware Detectors
  1. Compression and encryption help evading the static detector. | True | Static analysis is obstructed by packing/encryption (lecture ✔). |
  2. The dynamic detector classifies large quantities of data more efficiently. | False | Dynamic analysis is slow, sandbox-based, not efficient at scale. |
  3. The malware needs to be executed at least once for static detection. | False | Static analysis does not require executing the malware. |
  4. The dynamic detector only sees what the program does at runtime. | True | Dynamic analysis observes runtime behavior only. |
Features & Feature Spaces
  1. Scaling and normalization are used to ensure that all features contribute equally. | True | Scaling prevents domination by large-scale features. |
  2. Bag-of-words features can represent textual data but disregard word order. | True | Bag-of-words ignores sequence structure. |
  3. Hashing features are used to convert numerical into categorical values. | False | Feature hashing maps features → hash indices, not numbers → categories. |
  4. Feature selection aims to increase the dimensionality of the feature space. | False | Feature selection reduces dimensionality. |
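Bag-of-words, feature hashing and scaling are easiest to tell apart in code. The following is an added example (not from the lecture or its exercises) that runs over two constructed log lines: the bag-of-words vectors of the two lines are identical although the word order differs (statement 2), the hashing trick maps string tokens to a fixed number of columns (statement 3; it does not turn numbers into categories), and min-max scaling is done per feature column so that no feature dominates by raw magnitude (statement 1). The SHA-256-based hash is a choice made here for reproducibility; Python's built-in hash() is salted per process and would give a deployed detector different feature indices than the training run.

```python
import hashlib
import re
from collections import Counter
from typing import Dict, List


def tokenize(text: str) -> List[str]:
    """Lower-case word tokens; punctuation and whitespace are separators."""
    return re.findall(r"[a-z0-9_]+", text.lower())


def bag_of_words(text: str) -> Dict[str, int]:
    """Bag-of-words: token -> count. Token order is discarded by construction."""
    return dict(Counter(tokenize(text)))


def stable_hash(token: str) -> int:
    """Process-independent 64-bit hash of a token. Python's built-in hash() is
    randomised per process (PYTHONHASHSEED), which would give a model trained in
    one process different feature indices at inference time in another."""
    return int.from_bytes(hashlib.sha256(token.encode("utf-8")).digest()[:8], "big")


def hashed_features(text: str, n_features: int = 16) -> List[float]:
    """Feature hashing: each string token goes to column stable_hash(token) mod
    n_features, so the vector length is fixed however large the vocabulary gets
    (tokens never seen in training need no change to the feature map).
    One extra hash bit chooses the sign, so colliding tokens tend to cancel
    instead of piling up."""
    vec = [0.0] * n_features
    for token, count in bag_of_words(text).items():
        h = stable_hash(token)
        sign = -1.0 if (h >> 62) & 1 else 1.0
        vec[h % n_features] += sign * count
    return vec


def count_collisions(tokens: List[str], n_features: int) -> int:
    """How many distinct tokens share a column with at least one other token."""
    buckets = Counter(stable_hash(t) % n_features for t in set(tokens))
    return sum(c for c in buckets.values() if c > 1)


def min_max_scale(rows: List[List[float]]) -> List[List[float]]:
    """Column-wise min-max scaling across a dataset: every feature is mapped
    to [0, 1] so that a feature with large raw magnitude (e.g. bytes transferred)
    cannot dominate one with small magnitude (e.g. number of failed logins)."""
    cols = list(zip(*rows))
    lo = [min(c) for c in cols]
    hi = [max(c) for c in cols]
    return [[(v - l) / (h - l) if h != l else 0.0
             for v, l, h in zip(row, lo, hi)] for row in rows]


# Constructed sample log lines (not real data); same words, different order.
LINE_A = "GET /admin login failed from 10.0.0.7"
LINE_B = "login failed: GET /admin from 10.0.0.7"


if __name__ == "__main__":
    print(bag_of_words(LINE_A))
    print(bag_of_words(LINE_A) == bag_of_words(LINE_B))   # True: order is ignored
    print(hashed_features(LINE_A, 8))
    print("colliding tokens:", count_collisions(tokenize(LINE_A), 8))
```

With only 8 columns several of the nine tokens will share a column; that is the price of the hashing trick, and the reason a real detector uses a much larger n_features (2^18 or more) and, where an explanation is needed later, keeps the token-to-index map around, because the hash itself is not invertible.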
Representation Learning
  1. Representation learning automatically extracts useful features from raw data. | True | Core definition of learned embeddings. |
  2. Good learned representations often make downstream tasks easier. | True | Better embeddings → simpler classifiers. |
  3. Representation learning always requires labeled data. | False | Many methods are self-supervised or unsupervised. |
  4. More dimensions always mean a better representation. | False | More dimensions ≠ better; can cause overfitting, inefficiency. |
Support Vector Machines (SVMs)
  1. SVMs learn a hyperplane that separates two classes with maximum margin. | True | Fundamental SVM principle. |
  2. The number of support vectors indicates a model’s complexity. | True | More support vectors → more complex decision boundary. |
  3. Soft-margin SVMs allow some misclassification to improve generalization. | True | Controlled by slack variables (C-parameter). |
  4. The kernel trick enables SVMs to learn non-linear decision boundaries. | True | Kernel replaces dot products → implicit high-dimensional space. |

2025W T/F Exam 2:

(a) Consider the task of dynamic malware analysis. Mark each statement as true or false.
  1. If no malicious behavior appears in the logs, the program is benign.
  2. Dynamic analysis fails if the malware is packed or encrypted.
  3. Monitoring anomalous system calls is a solution to catch hijacked processes.
  4. Dynamic analysis commonly identifies red-herring attacks during execution.
(b) Mark each statement about anomaly detection for attack detection as true or false.
  1. The center of neighbourhood is k-NN-based and regularized by k.
  2. Anomaly detection assumes similar statistics for normal and attack data.
  3. The semantic gap distinguishes attacks from benign anomalies.
  4. Anomaly detection cannot detect unknown attacks.
(c) Mark each statement about learned feature representations as true or false.
  1. Learned features may not have an intuitive explanation.
  2. The skip-gram model predicts the current word based on the words in its context.
  3. The size of the embeddings obtained with the skip-gram model is determined by the sliding window used to extract the skip-grams.
  4. Asm2Vec represents instruction sequences via averaged instruction embeddings.
(d) Please mark the following statements about ROC curves as true or false.
  1. A curve close to the diagonal indicates poor performance.
  2. The area under the curve is a common measure for performance.
  3. False-positive detections are not shown in the curve.
  4. The best possible performance is obtained in the top right corner.
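The ROC statements turn on what the axes are: the x-axis is the false-positive rate, the y-axis the true-positive rate, and a curve is traced by sweeping the decision threshold. The code below is an added example (not course material) that builds the curve from raw detector scores, computes the area under it, and reads off the detection rate within a false-positive budget, which is the number a SOC actually asks for. The labels and scores are constructed, with one attack scored below a benign sample so the ranking is imperfect.

```python
from typing import List, Sequence, Tuple

Point = Tuple[float, float]     # (false-positive rate, true-positive rate)


def roc_curve(labels: Sequence[int], scores: Sequence[float]) -> List[Point]:
    """Sweep the decision threshold from above the highest score down to the
    lowest. Each point is (FPR, TPR) after flagging every sample whose score is
    at or above the threshold. Samples sharing a score are released together,
    so ties cannot inflate the curve. x-axis = FPR: false positives ARE shown."""
    n_pos = sum(labels)
    n_neg = len(labels) - n_pos
    if n_pos == 0 or n_neg == 0:
        raise ValueError("ROC needs at least one positive and one negative sample")
    order = sorted(range(len(scores)), key=lambda i: scores[i], reverse=True)
    tp = fp = 0
    points: List[Point] = [(0.0, 0.0)]       # threshold above every score
    i = 0
    while i < len(order):
        j = i
        while j < len(order) and scores[order[j]] == scores[order[i]]:
            if labels[order[j]] == 1:
                tp += 1
            else:
                fp += 1
            j += 1
        points.append((fp / n_neg, tp / n_pos))
        i = j
    return points                             # always ends at (1.0, 1.0)


def auc(points: List[Point]) -> float:
    """Area under the curve by the trapezoid rule. 0.5 is the diagonal (random
    scoring), 1.0 is perfect ranking. The ideal operating point is the top LEFT
    corner (FPR 0, TPR 1); the top right corner is reached by flagging everything."""
    return sum((x1 - x0) * (y0 + y1) / 2.0
               for (x0, y0), (x1, y1) in zip(points, points[1:]))


def tpr_at_fpr(points: List[Point], max_fpr: float) -> float:
    """Detection rate achievable within a false-positive budget. When benign
    traffic outnumbers attacks by orders of magnitude, even 1% FPR can mean
    thousands of alerts a day, so this matters more than the AUC alone."""
    return max(tpr for fpr, tpr in points if fpr <= max_fpr)


# Constructed detector output (not real data): 1 = attack, 0 = benign.
LABELS = [1, 1, 0, 1, 0, 0]
SCORES = [0.9, 0.8, 0.7, 0.6, 0.3, 0.1]


def demo() -> dict:
    pts = roc_curve(LABELS, SCORES)
    return {"points": pts, "auc": auc(pts), "tpr_at_fpr_0": tpr_at_fpr(pts, 0.0)}


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

For the constructed scores the AUC is 8/9: of the nine (attack, benign) pairs, eight have the attack ranked higher, which is exactly the probabilistic reading of the AUC. At zero false positives only two of the three attacks are caught; the third can only be reached by accepting one false positive.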
(e) Mark each statement about Layer-Wise Relevance Propagation (LRP) as true or false.
  1. LRP redistributes the model's output score backward through the network layers.
  2. The sum of relevance scores is conserved across layers.
  3. LRP requires retraining the neural network with special loss functions.
  4. High relevance values always indicate features that increase the prediction.
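The LRP statements are about two properties, conservation and sign, and both are visible in a few lines of arithmetic. What follows is an added example, not from the lecture: the LRP-0 rule applied to a constructed two-layer ReLU network (weights chosen by hand, not trained). Without bias terms every hidden pre-activation equals the sum of the contributions flowing into it, so the relevances of the inputs add up exactly to the output score, with no retraining of the network involved. One input receives negative relevance because the hidden unit it drives hardest lowers the score.

```python
from typing import List, Tuple

Vector = List[float]
Matrix = List[List[float]]


def relu(z: float) -> float:
    return z if z > 0.0 else 0.0


def forward(x: Vector, w1: Matrix, w2: Vector) -> Tuple[Vector, Vector, float]:
    """Bias-free two-layer network: hidden = relu(W1 x), out = w2 . hidden.
    Returns (hidden pre-activations z, hidden activations a, output score)."""
    z = [sum(w * xi for w, xi in zip(row, x)) for row in w1]
    a = [relu(zk) for zk in z]
    out = sum(wk * ak for wk, ak in zip(w2, a))
    return z, a, out


def lrp_zero(x: Vector, w1: Matrix, w2: Vector) -> Vector:
    """LRP-0 rule, layer by layer, starting from R_out = output score:
        R_j = sum_k (a_j * w_jk / z_k) * R_k
    Without bias terms z_k is exactly sum_j a_j w_jk, so the relevances leaving
    a layer add up to the relevances entering it (conservation). Inputs that
    pull the score down receive negative relevance."""
    z, a, out = forward(x, w1, w2)
    if out == 0.0:                      # nothing to explain; avoid dividing by zero
        return [0.0] * len(x)
    # output -> hidden: z_out = out and R_out = out, so R_k = a_k * w2_k
    r_hidden = [ak * wk for ak, wk in zip(a, w2)]
    # hidden -> input: only active units (z_k > 0) hold relevance to redistribute
    r_input = [0.0] * len(x)
    for k, (zk, rk) in enumerate(zip(z, r_hidden)):
        if zk <= 0.0:
            continue
        for i, xi in enumerate(x):
            r_input[i] += xi * w1[k][i] / zk * rk
    return r_input


# Constructed weights and input (not a trained model). The third hidden unit
# fires but lowers the score through its negative output weight.
X = [1.0, 2.0, -1.0]
W1 = [[1.0, 0.5, 0.0],
      [0.5, 0.2, 1.0],
      [0.0, 1.0, 0.5]]
W2 = [1.0, 2.0, -1.0]


def demo() -> dict:
    _, _, out = forward(X, W1, W2)
    r = lrp_zero(X, W1, W2)
    return {"output": out, "relevance": r, "relevance_sum": sum(r)}


if __name__ == "__main__":
    print(demo())   # relevance_sum equals output: conservation
```

Two caveats a practitioner should keep in mind: real networks have bias terms, which absorb part of the relevance so the input relevances no longer sum to the output exactly, and the LRP-epsilon stabiliser commonly used to avoid division by near-zero pre-activations also leaks a little relevance. Conservation therefore holds exactly for the plain rule above and only approximately in practice.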
(f) You are given the code property graph of a program with a known vulnerability. Mark each statement as true or false.
  1. Detecting the vulnerability may require combining control and data flow.
  2. Graph matching on a CPG yields vulnerability detection without false positives.
  3. CPGs do not include Program Dependence Graph (PDG) information.
  4. The vulnerability pattern matches the vulnerable graph, not the patched one.
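A code property graph merges the syntax tree, control-flow graph and program dependence graph of a program into one graph, and a vulnerability pattern is a traversal that can mix those edge types. The snippet below is an added example, not from the lecture: a toy CPG over a three-statement C-like program (constructed here, with a hand-made control-flow and data-dependence edge set rather than output of a real CPG tool) and a pattern that needs both kinds of edges, namely "a sink uses a value defined at an attacker-controlled source AND at least one control-flow path between them contains no check of that variable". The pattern matches the vulnerable graph, does not match the patched one, and still matches a version whose check tests the wrong variable. The source/sink names and the sanitizer heuristic are assumptions of the example.

```python
import re
from typing import Dict, List, Set, Tuple

CfgEdge = Tuple[int, int]            # control flow: from -> to
DdgEdge = Tuple[int, int, str]       # data dependence: def node -> use node, variable

# Assumed source/sink vocabulary for this toy (a real tool uses a larger list).
SOURCES = ("read_len(", "recv(")     # where attacker-controlled values enter
SINKS = ("memcpy(", "strcpy(")       # where an unchecked length does damage


class CPG:
    def __init__(self, nodes: Dict[int, str], cfg: Set[CfgEdge], ddg: Set[DdgEdge]):
        self.nodes = nodes               # node id -> statement text
        self.cfg = cfg
        self.ddg = ddg

    def successors(self, n: int) -> List[int]:
        return sorted(t for f, t in self.cfg if f == n)

    def cfg_paths(self, src: int, dst: int) -> List[List[int]]:
        """All simple control-flow paths from src to dst (iterative DFS)."""
        paths, stack = [], [[src]]
        while stack:
            path = stack.pop()
            if path[-1] == dst:
                paths.append(path)
                continue
            for nxt in self.successors(path[-1]):
                if nxt not in path:
                    stack.append(path + [nxt])
        return paths


def is_sanitizer(stmt: str, var: str) -> bool:
    """Heuristic: a conditional that mentions the variable counts as a check.
    Purely syntactic, so a check with a wrong bound still 'sanitizes' (a miss)
    and an unrelated comparison of the same variable counts too (a false positive)."""
    return (stmt.lstrip().startswith("if (")
            and re.search(rf"\b{re.escape(var)}\b", stmt) is not None)


def unchecked_flows(cpg: CPG) -> List[Tuple[int, int, str, List[int]]]:
    """Vulnerability pattern combining data flow AND control flow: a sink uses
    a variable defined at a source (DDG edge), and on at least one control-flow
    path between them no statement checks that variable."""
    findings = []
    for d, u, var in sorted(cpg.ddg):
        if not any(s in cpg.nodes[d] for s in SOURCES):
            continue
        if not any(s in cpg.nodes[u] for s in SINKS):
            continue
        for path in cpg.cfg_paths(d, u):
            checks = [n for n in path[1:-1] if is_sanitizer(cpg.nodes[n], var)]
            if not checks:
                findings.append((d, u, var, path))
    return findings


# Constructed toy program: attacker-controlled length copied without a check.
VULN = CPG(
    nodes={1: "char buf[64];", 2: "n = read_len(sock);", 3: "memcpy(buf, src, n);"},
    cfg={(1, 2), (2, 3)},
    ddg={(2, 3, "n")},
)

# Patched: a bound check on n sits on the only path from source to sink.
PATCHED = CPG(
    nodes={1: "char buf[64];", 2: "n = read_len(sock);",
           4: "if (n > sizeof(buf)) return -1;", 3: "memcpy(buf, src, n);"},
    cfg={(1, 2), (2, 4), (4, 3)},
    ddg={(2, 4, "n"), (2, 3, "n")},
)

# A check on a different variable leaves the dangerous path open: still flagged.
WRONG_CHECK = CPG(
    nodes={1: "char buf[64];", 2: "n = read_len(sock);",
           4: "if (len > sizeof(buf)) return -1;", 3: "memcpy(buf, src, n);"},
    cfg={(1, 2), (2, 4), (4, 3)},
    ddg={(2, 3, "n")},
)


if __name__ == "__main__":
    for name, g in [("vulnerable", VULN), ("patched", PATCHED), ("wrong check", WRONG_CHECK)]:
        print(name, unchecked_flows(g))
```

Neither the data-dependence edge alone (present in all three graphs) nor the control-flow path alone distinguishes the cases; the combination does. At the same time the sanitizer test is only syntactic: a check of the form if (n > 4096) would satisfy it and the overflow would be missed, and a comparison of n for an unrelated purpose would suppress a real finding, which is why pattern matching on a CPG is a triage aid rather than a proof either way.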

Time until the certificate is issued

still open

Time required

still open

Course materials

still open

Tips

still open

Highlights / praise

still open

Suggestions for improvement / criticism

still open

