Machine Learning for Offensive Computer Security

HORIZON.1.1HORIZON-ERCID: 101043410
EC Contribution
€19,620
Consortium Size
2 orgs
Summary

Despite a long series of research, computer attacks still pose a major threat to the security of digital systems. Different malicious actors, such as cybercriminals and intelligence agencies, continuously develop new offensive techniques to evade and outsmart existing defenses. As a result, security research is in a constant arms race and needs to anticipate novel developments as early as possible. However, one of the key technologies of the last years, machine learning, has received very little attention in offensive security so far. The simple question — ''how would a hacker use machine learning?'' — is largely unexplored and there is a striking gap in current research that hinders the anticipation of forthcoming threats. The project Malfoy closes this gap and systematically explores how machine learning can be applied for offensive computer security. By adopting the position of an adversary, we investigate how learning algorithms can be used to find security flaws, generate exploits, and construct computer attacks. To this end, we combine offensive security techniques with modern concepts for discriminative, generative, and reinforcement learning. Our goal is to assess how these techniques can interface with each other and improve their performance through learning. Based on this analysis, we become able to devise completely novel defenses that account for the presence of machine learning in the toolchain of attackers. Despite its offensive nature, the project thus strengthens computer security: First, it explores an uncharted area of research and hence will substantially expand our knowledge about modern computer attacks. Second, the project gives rise to novel and disruptive protection mechanisms, which enable us to move one step ahead of attack development. Finally, the project links two disconnected areas (offensive security and machine learning) and thereby establishes a new branch of joint research.

Consortium (2)

Project Results (9)

Source: CORDIS, the EU research results database.

Publications (8)
Dancer in the Dark: Synthesizing and Evaluating Polyglots for Blind Cross-Site Scripting
Proceedings of the USENIX Security Symposium· 2025
Robin Kirchner, Jonas Mller, Marius Musch, David Klein, Konrad Rieck, Martin Johns.
Cross-Language Differential Testing of JSON Parsers
Proceedings of the ACM Asia Conference on Computer and Communications Security· 2024DOI
Jonas Mller; Felix Weiberg; Lukas Pirch; Thorsten Eisenhofer; Konrad Rieck
I still know it's you! On Challenges in Anonymizing Source Code
Proceedings on Privacy Enhancing Technologies· 2024DOI
Micha Horlboge, Erwin Quiring, Roland Meyer, Konrad Rieck
On the Role of Pre-trained Embeddings in Binary Code Analysis
Proceedings of the ACM Asia Conference on Computer and Communications Security· 2024DOI
Alwin Maier, Felix Weissberg, Konrad Rieck
SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing
Proceedings of the ACM Asia Conference on Computer and Communications Security· 2024DOI
Felix Weissberg; Jonas Mller; Tom Ganz; Erik Imgrund; Lukas Pirch; Lukas Seidel; Moritz Schloegel; Thorsten Eisenhofer; Konrad Rieck
"No more Reviewer #2: Subverting Automatic Paper-Reviewer Assignment using Adversarial Learning"
Proceedings of the USENIX Security Symposium· 2023
Thorsten Eisenhofer; Erwin Quiring; Jonas Mller; Doreen Riepel; Thorsten Holz; Konrad Rieck
Broken Promises: Measuring Confounding Effects in Learning-based Vulnerability Discovery
Proceedings of the ACM Workshop on Artificial Intelligence and Security· 2023DOI
Erik Imgrund; Tom Ganz; Martin Hrterich; Lukas Pirch; Niklas Risse; Konrad Rieck
Lazy Gatekeepers: A Large-Scale Study on SPF Configuration in the Wild
Proceedings of the ACM on Internet Measurement Conference· 2023DOI
Stefan Czybik; Micha Horlboge; Konrad Rieck
Other Results (1)
Periodic Reporting for period 1 - MALFOY (Machine Learning for Offensive Computer Security)