Tsvi Gal

Bio: Tsvi Gal is an academic researcher from Morgan Stanley (United States). The author has contributed to research in topics: Big data. The author has an hindex of 1, co-authored 1 publications receiving 4 citations.

Cybersecurity in the Era of Data Science: Examining New Adversarial Models

Abstract: The ever-increasing volume, variety, and velocity of threats dictates a big data problem in cybersecurity and necessitates deployment of AI and machine-learning (ML) algorithms. The limitations and vulnerabilities of AI/ML systems, combined with complexity of data, introduce a new adversarial model, which is defined and discussed in this article.

Cybersecurity for Data Science: Issues, Opportunities, and Challenges

Abstract: Cybersecurity (CS) is one of the critical concerns in today’s fast-paced and interconnected world. Advancement in IoT and other computing technologies had made human life and business easy on one hand, while many security breaches are reported daily. These security breaches cost millions of dollars loss for individuals as well as organizations. Various datasets for cybersecurity are available on the Internet. There is a need to benefit from these datasets by extracting useful information from them to improve cybersecurity. The combination of data science (DS) and machine learning (ML) techniques can improve cybersecurity as machine learning techniques help extract useful information from raw data. In this paper, we have combined DS and ML for improving cybersecurity. We will use the CS dataset, and ML techniques will be applied to these datasets to identify the issues, opportunities, and cybersecurity challenges. As a contribution to research, we have provided a framework that will provide insight into ML and DS’s use for protecting cyberspace from CS attacks.

Towards Obfuscated Malware Detection for Low Powered IoT Devices

Abstract: With the increased deployment of IoT and edge devices into commercial and user networks, these devices have become a new threat vector for malware authors. It is imperative to protect these devices as they become more prevalent in commercial and personal networks. However, due to their limited computational power and storage space, especially in the case of battery-powered devices, it is infeasible to deploy state-of-the-art malware detectors onto these systems. In this work, we propose using and extracting features from Markov matrices constructed from opcode traces as a low cost feature for unobfuscated and obfuscated malware detection. We empirically show that our approach maintains a high detection rate while consuming less power than similar work.

An Adversarial Perspective on Accuracy, Robustness, Fairness, and Privacy: Multilateral-Tradeoffs in Trustworthy ML

Abstract: Model accuracy is the traditional metric employed in machine learning (ML) applications. However, privacy, fairness, and robustness guarantees are crucial as ML algorithms increasingly pervade our lives and play central roles in socially important systems. These four desiderata constitute the pillars of Trustworthy ML (TML) and may mutually inhibit or reinforce each other. It is necessary to understand and clearly delineate the trade-offs among these desiderata in the presence of adversarial attacks. However, threat models for the desiderata are different and the defenses introduced for each leads to further trade-offs in a multilateral adversarial setting (i.e., a setting attacking several pillars simultaneously). The first half of the paper reviews the state of the art in TML research, articulates known multilateral trade-offs, and identifies open problems and challenges in the presence of an adversary that may take advantage of such multilateral trade-offs. The fundamental shortcomings of statistical association-based TML are discussed, to motivate the use of causal methods to achieve TML. The second half of the paper, in turn, advocates the use of causal modeling in TML. Evidence is collected from across the literature that causal ML is well-suited to provide a unified approach to TML. Causal discovery and causal representation learning are introduced as essential stages of causal modeling, and a new threat model for causal ML is introduced to quantify the vulnerabilities introduced through the use of causal methods. The paper concludes with pointers to possible next steps in the development of a causal TML pipeline.

Towards Obfuscated Malware Detection for Low Powered IoT Devices

Abstract: With the increased deployment of IoT and edge devices into commercial and user networks, these devices have become a new threat vector for malware authors. It is imperative to protect these devices as they become more prevalent in commercial and personal networks. However, due to their limited computational power and storage space, especially in the case of battery-powered devices, it is infeasible to deploy state-of-the-art malware detectors onto these systems. In this work, we propose using and extracting features from Markov matrices constructed from opcode traces as a low cost feature for unobfuscated and obfuscated malware detection. We empirically show that our approach maintains a high detection rate while consuming less power than similar work.