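@comment{SECITC 2015 conference paper in the Lecture Notes in Computer Science series.
  The doi field holds the bare DOI, without a resolver prefix, so styles can build the link themselves.
  The month and day fields are kept as exported; they do not match the conference dates recorded in the note field, so confirm the publication date before relying on them.}
@inproceedings{fa47d74edb0a4944be23c7874abb3d86,
  author    = {Mirsky, Yisroel and Cohen, Noam and Shabtai, Asaf},
  title     = {Up-high to down-low: Applying machine learning to an exploit database},
  editor    = {Naccache, David and Simion, Emil and Bica, Ion},
  booktitle = {Innovative Security Solutions for Information Technology and Communications - 8th International Conference, {SECITC} 2015, Revised Selected Papers},
  series    = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
  pages     = {184--200},
  publisher = {Springer Verlag},
  address   = {Germany},
  year      = {2015},
  month     = jan,
  day       = {1},
  isbn      = {9783319271781},
  doi       = {10.1007/978-3-319-27179-8_13},
  language  = {American English},
  keywords  = {Data mining, Exploit database, Machine learning, Pattern abstraction, Supervised, Unsupervised},
  abstract  = {Today machine learning is primarily applied to low level features such as machine code and measurable behaviors. However, a great asset for exploit type classifications is public exploit databases. Unfortunately, these databases contain only meta-data (high level or abstract data) of these exploits. Considering that classification depends on the raw measurements found in the field, these databases have been overlooked. In this study, we offer two usages for these high level datasets and evaluate their performance. The first usage is classification by using meta-data as a bridge (supervised), and the second usage is the study of exploits{\textquoteright} relations using clustering and Self Organizing Maps (unsupervised). Both offer insights into exploit detection and can be used as a means to better define exploit classes.},
  note      = {Publisher Copyright: {\textcopyright} Springer International Publishing Switzerland 2015.; 8th International Conference on Innovative Security Solutions for Information Technology and Communications, SECITC 2015 ; Conference date: 11-06-2015 Through 12-06-2015},
}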