r0:035d2ee6677504e68a7eb8820884a335-Sequence Feature Extraction for Malware Family Analysis via Graph Neural Network

Sequence Feature Extraction for Malware Family Analysis via Graph Neural Network

Malicious software (malware) causes much harm to our devices and life. We are eager to understand the malware behavior and the threat it made. Most of the record files of malware are variable length and text-based files with time stamps, such as event log data and dynamic analysis profiles. Using the time stamps, we can sort such data into sequence-based data for the following analysis. However, dealing with the text-based sequences with variable lengths is difficult. In addition, unlike natural language text data, most sequential data in information security have specific properties and structure, such as loop, repeated call, noise, etc. To deeply analyze the API call sequences with their structure, we use graphs to represent the sequences, which can further investigate the information and structure, such as the Markov model. Therefore, we design and implement an Attention Aware Graph Neural Network (AWGCN) to analyze the API call sequences. Through AWGCN, we can obtain the sequence embeddings to analyze the behavior of the malware. Moreover, the classification experiment result shows that AWGCN outperforms other classifiers in the call-like datasets, and the embedding can further improve the classic model’s performance.

S++: A Fast and Deployable Secure-Computation Framework for Privacy-Preserving Neural Network Training

S++: A Fast and Deployable Secure-Computation Framework for Privacy-Preserving Neural Network Training

We introduce S++, a simple, robust, and deployable framework for training a neural network (NN) using private data from multiple sources, using secret-shared secure function evaluation. In short, consider a virtual third party to whom every data-holder sends their inputs, and which computes the neural network: in our case, this virtual third party is actually a set of servers which individually learn nothing, even with a malicious (but non-colluding) adversary.



Meaningful privacy and how it is applied in technology will be the focus of 60 privacy preserving leaders from around the globe during the OpenMined Privacy conference Sept 26 and 27 2020 with more than 2000 in attendance virtually.


Trainings for Cybersecurity Specialists

“ENISA CSIRT training material was introduced in 2008. In 2012, 2013 and 2014 it was complemented with new exercise scenarios containing essential material for success in the CSIRT community and in the field of information security. In these pages you will find the ENISA CSIRT training material, containing Handbooks for teachers, Toolsets for students and Virtual Images to support hands on training sessions. ” The materials continue to be updated in 2020 and are appropriate for use by cybersecurity specialists and decision-makers.



(Change of dates to 2021).Top cyber talents from each participating country will meet in Vienna to network and collaborate and finally compete against each other. Contestants will be challenged in solving security related tasks from domains such as web security, mobile security, crypto puzzles, reverse engineering and forensics and in the process collect points for solving them.

INTERPOL: Impact of COVID-19 on Financial Crimes, webinar

The complexity of acting against cybercriminal internet domains was discussed; also on the techniques used in cybercrime… Information and detailed well-explained was offered by INTERPOL members, on how to detect and act in most cases.


CSIRTs and criminal justice authorities

CSIRTs and criminal justice authorities – good practices of collaboration on cybercrime and electronic evidence (webinar, Council Europe)