Invited Talk - Emilie Purvine, Pacific Northwest National Laboratories

Contributed Papers

• Developing Optimal Causal Cyber-Defence Agents via Cyber Security Simulation, Alex Andrew (DSTL); Sam Spillard (Alan Turing Institute); Joshua Collyer (DSTL); Neil Dhir (Alan Turing Institute)

• Learning Security Strategies through Game Play and Optimal Stopping, Kim Hammar (KTH Royal Institute of Technology)*; Rolf Stadler (KTH Royal Institute of Technology)

• Adversarial Cheap Talk, Christopher Lu (University of Oxford)*; Timon Willi (University of Oxford); Alistair HP Letcher (None); Jakob Foerster (University of Oxford)

Spotlight Talks

• A High Fidelity Cybersecurity Dataset for Attack Modeling, Craig Laprade (The George Washington University); Benjamin Bowman (The George Washington University); H. Howie Huang (The George Washington University)

• Low-Loss Subspace Compression for Clean Gains against Multi-Agent Backdoor Attacks, Siddhartha Datta (University of Oxford)*; Nigel Shadbolt (University of Oxford)

• Robustness Evaluation of Deep Unsupervised Learning Algorithms for Intrusion Detection Systems, DJeff Kanda Nkashama (Université de Sherbrooke)*; Arian Soltani (University of Sherbrooke); Jean-Charles Verdier (University of Sherbrooke); Marc Frappier (University of Sherbrooke); Pierre Martin Tardif (Université de Sherbrooke); Froduald Kabanza (Université de Sherbrooke)

• Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS, Christian A Schroeder de Witt (University of Oxford)*; Yongchao Huang (University of Oxford); Philip Torr (University of Oxford); Martin Strohmeier (Armasuisse Science + Technology)

• ACD-G: Enhancing Autonomous Cyber Defence Agent Generalisation Through Graph Embedded Network Representation, Josh Collyer (Defence Science and Technology Laboratory (DSTL))*

• Hypergraph Topological Features for Autoencoder-Based Intrusion Detection for Cybersecurity Data, William Kay (Pacific Northwest National Laboratory)*; Sinan Aksoy (Pacific Northwest National Laboratory); Molly Baird (Pacific Northwest National Laboratory); Daniel Best (Pacific Northwest National Laboratory); Helen K Jenne (Pacific Northwest National Laboratory); Cliff Joslyn (Pacific Northwest National Laboratory); Christopher Potvin (Pacific Northwest National Laboratory); Gregory Henselman-Petrusek (Pacific Northwest National Laboratory); Garret Seppala (Pacific Northwest National Laboratory); Stephen Young (Pacific Northwest National Laboratory); Emilie Purvine (Pacific Northwest National Laboratory)

• Exploiting and Defending Against the Approximate Linearity of Apple’s NeuralHash, Kevin Meng (Massachusetts Institute of Technology)*; Jagdeep S Bhatia (MIT)

• Reducing Exploitability with Population Based Training, Pavel Czempin (University of California, Berkeley)*; Adam Gleave (University of California, Berkeley)

• Using Machine Learning to Infer Plausible and Undetected Cyber Threat, Vulnerability and Mitigation Relationships, Erik Hemberg (CSAIL)*; Ashwin Srinivasan (CSAIL); Nick Rutar (Peraton Labs); Una-May O'Reilly (MIT)

• An Artificial Intelligence-Enabled Framework for Optimizing the Dynamic Cyber Vulnerability Management Process, Soumyadeep Hore (University of South Florida); Ankit Shah (University of South Florida)*; Nathaniel D Bastian (United States Military Academy)

Contributed Papers

Detecting Anomalies in Encrypted EV Charging Control Protocol Using a Hybrid LSTM Autoencoder-OCSVM Model, Thomas E Carroll (Pacific Northwest National Laboratory)*; Kristine Arthur-Durett (Pacific Northwest National Laboratory); Grace McNally (Pacific Northwest National Laboratory)

Recognizing and Extracting Cybersecurity Entities from Text, Casey Hanks (UMBC)*; Michael Maiden (UMBC); Priyanka Ranade (UMBC); Tim Finin (UMBC); Anupam Joshi (UMBC)

Panel Discussion: Benchmark Data Sets

Hyrum Anderson is Distinguished ML Engineer at Robust Intelligence. His career has focused at the intersection of machine learning and security at Microsoft, Elastic, Endgame, FireEye and Mandiant, and as a researcher at Sandia National Laboratories and MIT Lincoln Laboratory. He received his Ph.D. from the University of Washington in 2010.

Benoit Hamelin, after completing a Ph.D. in medical imaging, has pivoted to a career in cyber security and data science. He has worn many hats through 8 years in start-ups around Montreal, settling down in a research role as he joined the Canadian public service in 2019. He has been with the Tutte Institute for Mathematics and Computing since 2021, working on applications of statistics and machine learning to problems relevant to cyber threat detection, characterization and mitigation.

Jelena Mirkovic is research associate professor at University of Southern California and research team leader at USC Information Sciences Institute. Her career in cybersecurity spans 20 years and more than 80 peer reviewed publications. Jelena's research focuses on distributed denial-of-service attacks, malware analysis, privacy, experimentation for cybersecurity and cybersecurity education.

Jeff Nichols joined the ORNL as a post-doc in the ecology division in 2008 after completing his Ph.D. at the University of Tennessee in mathematics applying HPC techniques to individual-based, math ecology models. His postdoc work was on high-performance computation of bioenergy and climate models. He transitioned to the cybersecurity research group in 2012 and has recently became the group leader. His research focuses on high-fidelity cyber range modeling. He previously worked in industry as an IT professional for nearly 20 years including a stint as IT Director at Jewelry Television, a 24/7-nationwide shopping channel, based in Knoxville, TN.

Jamie Thorpe is a cybersecurity researcher at Sandia National Laboratories in Albuquerque, New Mexico, where she develops the tools needed to help build and analyze models of cyber-physical systems. Her research interests include cyber resilience metrics, system model development, data analysis for emulated environments, and emulation verification. Jamie received her master's degree in information security from Carnegie Mellon University.

Invited Talk – Joseph Ravichandran, MIT and Michael Wang, MIT

A Case Study of Real-World Kernel Exploitation

A walkthrough of the process security researchers go through to find modern kernel exploits, and a discussion of potential ways to improve bug finding and categorization with AI. We present CVE-2022-29968, an original Linux kernel exploit we developed, and discuss the current challenges researchers face with respect to exploit categorization and automated discovery.

Poster Session

• A High Fidelity Cybersecurity Dataset for Attack Modeling, Craig Laprade (The George Washington University); Benjamin Bowman (The George Washington University); H. Howie Huang (The George Washington University)

• Low-Loss Subspace Compression for Clean Gains against Multi-Agent Backdoor Attacks, Siddhartha Datta (University of Oxford)*; Nigel Shadbolt (University of Oxford)

• Robustness Evaluation of Deep Unsupervised Learning Algorithms for Intrusion Detection Systems, DJeff Kanda Nkashama (Université de Sherbrooke)*; Arian Soltani (University of Sherbrooke); Jean-Charles Verdier (University of Sherbrooke); Marc Frappier (University of Sherbrooke); Pierre Martin Tardif (Université de Sherbrooke); Froduald Kabanza (Université de Sherbrooke)

• Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS, Christian A Schroeder de Witt (University of Oxford)*; Yongchao Huang (University of Oxford); Philip Torr (University of Oxford); Martin Strohmeier (Armasuisse Science + Technology)

• ACD-G: Enhancing Autonomous Cyber Defence Agent Generalisation Through Graph Embedded Network Representation, Josh Collyer (Defence Science and Technology Laboratory (DSTL))*

• Hypergraph Topological Features for Autoencoder-Based Intrusion Detection for Cybersecurity Data, William Kay (Pacific Northwest National Laboratory)*; Sinan Aksoy (Pacific Northwest National Laboratory); Molly Baird (Pacific Northwest National Laboratory); Daniel Best (Pacific Northwest National Laboratory); Helen K Jenne (Pacific Northwest National Laboratory); Cliff Joslyn (Pacific Northwest National Laboratory); Christopher Potvin (Pacific Northwest National Laboratory); Gregory Henselman-Petrusek (Pacific Northwest National Laboratory); Garret Seppala (Pacific Northwest National Laboratory); Stephen Young (Pacific Northwest National Laboratory); Emilie Purvine (Pacific Northwest National Laboratory)

• Exploiting and Defending Against the Approximate Linearity of Apple’s NeuralHash, Kevin Meng (Massachusetts Institute of Technology)*; Jagdeep S Bhatia (MIT)

• Reducing Exploitability with Population Based Training, Pavel Czempin (University of California, Berkeley)*; Adam Gleave (University of California, Berkeley)

• Using Machine Learning to Infer Plausible and Undetected Cyber Threat, Vulnerability and Mitigation Relationships, Erik Hemberg (CSAIL)*; Ashwin Srinivasan (CSAIL); Nick Rutar (Peraton Labs); Una-May O'Reilly (MIT)

• An Artificial Intelligence-Enabled Framework for Optimizing the Dynamic Cyber Vulnerability Management Process, Soumyadeep Hore (University of South Florida); Ankit Shah (University of South Florida)*; Nathaniel D Bastian (United States Military Academy)