Upgrade to Pro — share decks privately, control downloads, hide ads and more …

OpenTalks.AI - Александр Чистяков, Построение о...

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for OpenTalks.AI OpenTalks.AI
February 15, 2019
Science
1
680

OpenTalks.AI - Александр Чистяков, Построение общего глубокого представления исполняемых файлов для поиска новых угроз и расследования киберпреступлений

Avatar for OpenTalks.AI

OpenTalks.AI

February 15, 2019
Tweet

More Decks by OpenTalks.AI

See All by OpenTalks.AI
OpenTalks.AI - Виктор Лемпицкий, Моделирование 3Д сцен: новые подходы в 2020 году
Avatar for OpenTalks.AI opentalks
0
490
OpenTalks.AI - Алексей Чернявский, Нейросетевые алгоритмы для повышения качества медицинских изображений
Avatar for OpenTalks.AI opentalks
0
440
OpenTalks.AI - Александр Громов, Устойчивость нейросетевых моделей при анализе КТ/НДКТ-исследований
Avatar for OpenTalks.AI opentalks
0
380
OpenTalks.AI - Денис Тимонин, Megatron-LM: Обучение мультимиллиардных LMs при помощи техники Model Parallelism
Avatar for OpenTalks.AI opentalks
0
520
OpenTalks.AI - Егор Филимонов, Возможности платформы Huawei Atlas и эффективный гетерогенный инференс.
Avatar for OpenTalks.AI opentalks
0
160
OpenTalks.AI - Александр Прозоров, Референсная архитектура робота сервисного центра в отраслях с изменчивыми бизнес-процессами
Avatar for OpenTalks.AI opentalks
0
390
OpenTalks.AI - Наталья Лукашевич, Анализ тональности по отношению к компании — с чем не справился BERT
Avatar for OpenTalks.AI opentalks
0
340
OpenTalks.AI - Константин Воронцов, Фейковые новости и другие типы потенциально опасного дискурса: типология, подходы, датасеты, соревнования
Avatar for OpenTalks.AI opentalks
0
450
OpenTalks.AI - Дмитрий Ветров, Фрактальность функции потерь, эффект двойного спуска и степенные законы в глубинном обучении - фрагменты одной мозаики
Avatar for OpenTalks.AI opentalks
0
480

Other Decks in Science

See All in Science
ド文系だった私が、 KaggleのNCAAコンペでソロ金取れるまで
Avatar for wakama1994 wakamatsu_takumu
2
2.2k
2025-06-11-ai_belgium
Avatar for Sofie Van Landeghem sofievl
1
250
シャボン玉の虹から原子も地震も重力も見える! 〜 物理の目「干渉縞」のすごい力 〜
Avatar for Syota-Sasaki syotasasaki593876
1
110
AI(人工知能)の過去・現在・未来 —AIは人間を超えるのか—
Avatar for Y-h. Taguchi tagtag
PRO
1
250
データから見る勝敗の法則 / The principle of victory discovered by science (open lecture in NSSU)
Avatar for konakalab konakalab
1
300
中央大学AI・データサイエンスセンター 2025年第6回イブニングセミナー 『知能とはなにか ヒトとAIのあいだ』
Avatar for Y-h. Taguchi tagtag
PRO
0
140
データマイニング - コミュニティ発見
Avatar for Y. Yamamoto trycycle
PRO
0
230
データベース15: ビッグデータ時代のデータベース
Avatar for Y. Yamamoto trycycle
PRO
0
470
知能とはなにかーヒトとAIのあいだー
Avatar for Y-h. Taguchi tagtag
PRO
0
190
主成分分析に基づく教師なし特徴抽出法を用いたコラーゲン-グリコサミノグリカンメッシュの遺伝子発現への影響
Avatar for Y-h. Taguchi tagtag
PRO
0
220
コンピュータビジョンによるロボットの視覚と判断:宇宙空間での適応と課題
Avatar for Hironobu Fujiyoshi hf149
1
580
Rashomon at the Sound: Reconstructing all possible paleoearthquake histories in the Puget Lowland through topological search
Avatar for Richard Styron cossatot
0
760

Featured

See All Featured
Designing for Performance
Avatar for Lara Hogan lara
611
70k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
34
9.2k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
11
870
Done Done
Avatar for chrislema chrislema
186
16k
Designing Powerful Visuals for Engaging Learning
Avatar for Mike Taylor tmiket
0
300
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.8k
[RailsConf 2023 Opening Keynote] The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
31
10k
The B2B funnel & how to create a winning content strategy
Avatar for Katarina Dahlin katarinadahlin
PRO
1
310
Building the Perfect Custom Keyboard
Avatar for Naoto Takai takai
2
720
Navigating Team Friction
Avatar for Lara Hogan lara
192
16k
The #1 spot is gone: here's how to win anyway
Avatar for Tamara Novitovic tamaranovitovic
2
1k
What the history of the web can teach us about the future of AI
Avatar for Ines Montani inesmontani
PRO
1
500

Transcript

  1. 1 Constructing shared deep representation of executable files to search

    for new threats and cybercrime investigations Alexander Chistyakov Senior Research-Developer, Detection Methods Analysis, Kaspersky Lab

  2. 2 File processing route (known threat) Benign file Malicious file

    Download file Check file’s reputation Static analysis Dynamic analysis Execution artefacts Raw file artefacts Status, popularity, sources, … Label obtained?

  3. File processing route (modified known threat) Download file Check file’s

    reputation Static analysis Dynamic analysis Execution artefacts Raw file artefacts Status, popularity, sources, … ML detection model Benign file Malicious file Label obtained?

  4. File processing route (new unknown threat) Download file Check file’s

    reputation Static analysis Dynamic analysis Execution artefacts Raw file artefacts Status, popularity, sources, … ML detection model Expert decision Benign file Malicious file

  5. Manual data labeling Expert decision Benign file Malicious file Dynamic

    analysis

  6. 6 World 2 Vec

  7. Latent representations for malware Executable file 1. Polymorphic 2. Obfuscated

    3. Selfpacked 4. Multicomponent Execution process 1. Context dependent 2. Unstable 3. Concurrent 4. Distributed

  8. Evidence lower bound Variational Auto-Encoder (Basic) Variational Auto-Encoder (Symmetric)

  9. File and file’s behavior joint distribution

  10. File’s behavior conditional distribution

  11. File’s and behavior shared embedding

  12. Reducing internal traffic Expert decision Benign file Malicious file File’s

    distribution approximator Dynamic analysis

  13. Reducing external traffic User 1 User 2 User 3 Previously

    observed malware collection File’s distribution approximator

  14. Cybercrime investigations File’s distribution approximator Incident logs and artefacts Corporate

    network Alarm!

  15. What’s next? 1.Estimating real world file’s distribution 2.Avoiding model-based adversarial

    attacks 3.Preventing private data leakage 4.Environment based anomaly detection

  16. LET’S TALK? Kaspersky Lab HQ 39A/3 Leningradskoe Shosse Moscow, 125212,

    Russian Federation Tel: +7 (495) 797-8700 www.kaspersky.com