Matt Wolff

Learn More
—There is an especially strong need in modern large-scale data analysis to prioritize samples for manual inspection. For example, the inspection could target important mislabeled samples or key vulnerabilities exploitable by an adversarial attack. In order to solve the " needle in the haystack" problem of which samples to inspect, we develop a new scalable(More)
Sophisticated malware authors can sneak hidden malicious code into portable exe-cutable files, and this code can be hard to detect, especially if encrypted or compressed. However, when an executable file switches between code regimes (e.g., native, en-crypted, compressed, text, and padding), there are corresponding shifts in the file's representation as an(More)
One way a malicious insider can attack a network is by masquerading as a different user. Various algorithms have been proposed in an effort to detect when a user masquerade attack has occurred. In this paper, two unsupervised algorithms are proposed with the intended goal of detecting user masquerade attacks. The effectiveness of these two unsupervised(More)
  • 1