5th Workshop on
Machine Learning for CyberSecurity
Co-located with ECMLPKDD 2023
September 22, 2023 - Torino, Italy

About the workshop

About MLCS 2023

Short description

The last decade has been a critical one regarding cybersecurity, with studies estimating the worldwide cost of cybercrime to be 8.44 trillion dollars in 2022 , an increase of 41% from 2021. The capability to detect, analyze, and defend against threats in (near) real-time conditions is not possible without employing machine learning techniques and big data infrastructures. This gives rise to cyberthreat intelligence and analytic solutions, such as (informed) machine learning on big data and open-source intelligence, to perceive, reason, learn, and act against cyber adversary techniques and actions. Moreover, organisations’ security analysts have to manage and protect systems and deal with the privacy and security of all personal and institutional data under their control. The aim of this workshop is to provide researchers with a forum to exchange and discuss scientific contributions, open challenges and recent achievements in machine learning and their role in the development of secure systems. If it will be considered, as in the previous two years, we would join a LNCS proceedings volume.

Relevance to the Machine Learning Community

Cybersecurity is of the utmost importance for computing systems. The ethics guidelines for trustworthy artificial intelligence authored by the European Commission’s Independent High Level Expert Group on Artificial Intelligence on April 2019 have highlighted that machine learning-based artificial intelligence developments in various fields, including cybersecurity, are improving the quality of our lives every day, that AI systems should be resilient to attacks and security, and that they should consider security-by-design principles.

Due to the scale and complexity of current systems, it is a permanent and growing concern in industry and academia. On the one hand, the volume and diversity of functional and non- functional data, including open source information, along with increasingly dynamical operating environments, create additional obstacles to the security of systems and to the privacy and security of data. On the other hand, it creates an information rich environment that, leveraged by techniques in the crossing of modern machine learning, data science and visualization fields, will contribute to improve systems and data security and privacy.

This poses significant, industry relevant, challenges to the machine learning and cybersecurity communities, as the main problems arise in contexts of dynamic operating environments and unexpected operating conditions, motivating the demand for production-ready systems able to improve and, adaptively, maintain the security of computing systems as well as the security and privacy of data.

Based on the recent history, we plan to organize this workshop as a European forum for cybersecurity researchers and practitioners that wish to discuss the recent developments of machine learning for developing cybersecurity, by paying special attention to solutions rooted in adversarial learning, pattern mining, neural networks and deep learning, probabilistic inference, anomaly detection, stream learning and mining, and big data analytics.

Motivation

The last decade has been a critical one regarding cybersecurity, with studies estimating the worldwide cost of cybercrime to be 8.44 trillion dollars in 2022, an increase of 41% from 2021. Cyberthreats have increased dramatically, exposing sensitive personal and business information, disrupting critical operations and imposing high costs on the economy. The number, frequency, and sophistication of threats will only increase and will become more targeted in nature. Furthermore, today’s computing systems operate under increasing scales and dynamic environments, ingesting and generating more and more functional and non-functional data. The capability to detect, analyze, and defend against threats in (near) real-time conditions is not possible without employing machine learning techniques and big data infrastructure. This gives rise to cyber threat intelligence and analytic solutions, such as (informed) machine learning on big data and open-source intelligence, to perceive, reason, learn, and act against cyber adversary techniques and actions. Moreover, organizations’ security analysts have to manage and protect these systems and deal with the privacy and security of all personal and institutional data under their control. This calls for tools and solutions combining the latest advances in areas such as data science, visualization, and machine learning. We strongly believe that the significant advance of the state-of-the-art in machine learning over the last years has not been fully exploited to harness the potential of available data, for the benefit of systems-and-data security and privacy. In fact, while machine learning algorithms have been already proven beneficial for the cybersecurity industry, they have also highlighted a number of shortcomings. Traditional machine algorithms are often vulnerable to attacks, known as adversarial learning attacks , which can cause the algorithms to misbehave or reveal information about their inner workings. As machine learning-based capabilities become incorporated into cyber assets, the need to understand adversarial learning and address it becomes clear. On the other hand, when a significant amount of data is collected from or generated by different security monitoring solutions, big-data analytical techniques are necessary to mine, interpret and extract knowledge of these big data.

Goals

The workshop follows the success of the four previous editions( MLCS 2019, MLCS 2020, MLCS 2021, and MLCS 2022 ) co-located with ECML-PKDD. In all the previous editions the workshop gained strong interest, with an attendance between 20 and 30 participants, lively discussions after the talks, amazing invited talks in all the editions and a vibrant panel discussion in both 2019 and 2021 editions. It aims at providing researchers with a forum to exchange and discuss scientific contributions and open challenges, both theoretical and practical, related to the use of machine-learning approaches in cybersecurity. We want to foster joint work and knowledge exchange between the cybersecurity community, and researchers and practitioners from the machine learning area, and its crossing with big data, data science, and visualization. The workshop shall provide a forum for discussing novel trends and achievements in machine learning and their role in the development of secure systems. It aims to highlight the latest research trends in machine learning, privacy of data, big data, deep learning, incremental and stream learning, and adversarial learning. In particular, it aims to promote the application of these emerging techniques to cybersecurity and measure the success of these less-traditional algorithms.

The workshop shall contribute to identify new application areas as well as open and future research problems related to the application of machine-learning in the cybersecurity field.

Call for papers

MLCS welcomes both research papers reporting results from mature work, recently published work, as well as more speculative papers describing new ideas or preliminary exploratory work. Papers reporting industry experiences and case studies will also be encouraged. However, it should be noticed that papers based on recently published work will not be considered for publication in the proceedings.

Workshop Topics

All topics related to the contribution of machine learning approaches to the security of organisations’ systems and data are welcome. These include, but are not limited to:

  • Machine learning for:
    • the security and dependability of networks, systems, and software
    • open-source threat intelligence and cybersecurity situational awareness
    • data security and privacy
    • cybersecurity forensic analysis
    • the development of smarter security control
    • the fight against (cyber)crime, e.g., biometrics, audio/image/video analytics
    • vulnerability analysis
    • the analysis of distributed ledgers
    • malware, anomaly, and intrusion detection

  • Adversarial machine learning and the robustness of AI models against malicious actions
  • Interpretability and Explainability of machine learning models in cybersecurity
  • Privacy preserving machine learning
  • Trusted machine learning
  • Data-centric security
  • Scalable / big data approaches for cybersecurity
  • Deep learning for automated recognition of novel threats
  • Graph representation learning in cybersecurity
  • Continuous and one-shot learning
  • Informed machine learning for cybersecurity
  • User and entity behavior modeling and analysis

Paper submission

MLCS welcomes both research papers reporting results from mature work, recently published work, as well as more speculative papers describing new ideas or preliminary exploratory work. Papers reporting industry experiences and case studies will also be encouraged. However, it should be noticed that papers based on recently published work will not be considered for publication in the proceedings.

Submissions are accepted in two formats:
  • Regular research papers with 12 to 16 pages including references. To be published in the proceedings, research papers must be original, not published previously, and not submitted concurrently elsewhere.
  • Short research statements of at most 6 pages. Research statements aim at fostering discussion and collaboration. They may review research published previously or outline new emerging ideas.

All submissions should be made in PDF using the Microsoft CMT and must adhere to the Springer LNCS style. Templates are available here.

Based on the quality and number of accepted regular papers, regular workshop papers (except papers reporting recently published work or preliminary work) will be “tentatively” published in the workshop post-proceedings.

At least one author of each accepted paper must have a full registration and be in Turin to present the paper (registration instructions at link). Papers without a full registration or in-presence presentation won't be included in the post-workshop Springer proceedings.

To submit your paper, kindly refer to the instructions provided on the Microsoft Conference Management Tool (CMT) platform. You can access these instructions by visiting the following link: https://cmt3.research.microsoft.com/docs/help/author/author- submission-form.html. Once on the platform, utilize the filter option to search for the "European Conference on Machine Learning and Principles and Practice of Knowledge Discovery in Databases - Workshop and Tutorial Track". Then, select "Machine Learning for Cybersecurity (MLCS 2023)" under the "Create new submission" tab. Alternatively, you may use this link to access the submission page directly.

Important dates

Regular and research statement papers

  • June 15

    June 19

    Submission deadline

  • July 12

    Paper author notification

  • July 26

    Camera ready submission deadline

  • Copyright form for publication

    Download Copyright File

Organizing Committee

Annalisa Appice

Università degli Studi di Bari
Dipartimento di Informatica
Italy

Giuseppina Andresini

Università degli Studi di Bari
Dipartimento di Informatica
Italy

Ibéria Medeiros

Universidade de Lisboa
Faculdade de Ciências
LASIGE
Potugal

Pedro M. Ferreira

Universidade de Lisboa
Faculdade de Ciências
LASIGE
Portugal

Web and publicity chairs

Nuno Dionísio

Universidade de Lisboa
Faculdade de Ciências
LASIGE
Portugal

Samaneh Shafee

Universidade de Lisboa
Faculdade de Ciências
LASIGE
Portugal

Program Committee

Currently confirmed members

  • Bruno Zarpelao, State University of Londrina, Brazil
  • Tommaso Zoppi, University of Florence, Italy
  • Donato Malerba, University of Bari Aldo Moro, Italy
  • Davide Maiorca, University of Cagliari, Italy
  • Francesco Mercaldo, University of Molise, Italy
  • Gianluigi Folino, ICAR-CNR, Italy
  • Miguel Correia, INESC-ID ,Portugal
  • Maura Pintor , University of Cagliari, Italy
  • Marco Vieira, University of Coimbra, Portugal
  • Luca Demetrio, University of Genoa, Italy
  • Leonardo Aniello, University of Southampton, United Kingdom
  • Raphael Labaca-Castro, University of the Bundeswehr Munich, Germany
  • Azqa Nadeem, Delft University of Technology, Netherlands
  • Antonio Pecchia, University of Sannio, Italy
  • Vera Rimmer, Katholieke Universiteit Leuven, Belgium

Program

Keynote speaker

Stefano Traverso

Ermes Cyber Security SpA
Italy

Stefano holds a PhD in Electronics and Communications Engineering (2012) and a Master’s Degree in Computer and Communications Engineering (2008), both from the Polytechnic of Turin. Since 2012 to 2017, he had been holding a Post-doctoral researcher position at the Telecommunication Network Group of Polytechnic of Turin. During his PhD and post-docs, he has been visiting many international research centers in Europe (Telefonica I+D, NEC Labs Europe, Alcatel- Lucent Bell Labs) and US (Narus Lab), and collaborated with many international institutions both in Europe and US.

His research track includes tens of scientific papers, many of them published in top-level conferences (e.g., IEEE INFOCOM, ACM WWW, PoPETS) and journals (e.g., IEEE/ACM Transactions on Networking, IEEE Transactions on Multimedia, IEEE Transactions on Parallel and Distributed Systems, ACM Computer Communications Review). Some of them have been awarded as best papers and attracted the interest of international press. He participated in many European Projects and serves in many conference TPCs (ACSAC, AISec, TMA)

In 2017, he co-founded Ermes Cyber Security SRL and now he leads the Research team, which is responsible for generating ground-breaking innovation in the area of AI and cyber security. His main research interests include Internet measurements, online privacy, web security, and AI applied to cyber security.

MLCS 2023 programme

22/09/2023 9:20 - 12:50

9:20 Opening remarks: Welcome to MLCS 2023!
9:30 Building Innovation in CyberSec: Lessons Learned and Challenges
Stefano Traverso, (Ermes Cyber Security SRL)
Abstract: the years at Ermes Cyber Security, we have faced a number of challenges related to applying AI and ML to Cyber Security space.
In this talk, I will tell a little about out technologies, the challenges behind them and what we learned on the road to make them successful.
Paper session Adversarial learning
Session chair:
10:40 I See Dead People: Gray-Box Adversarial Attack on Image-To-Text Models
Raz Lapid, Moshe Sipper
11:00 Coffee break
Paper session Intrusion and malware detection
Session chair:
11:30 A source separation approach to temporal graph modelling for computer networks
Corentin Larroche
11:50 Quantum Machine Learning for Malware Classification
Grégoire Barrué, Tony Quertier
12:10 Side-channel Based Intrusion Detection for Network Equipment
Arthur Grisel-Davy, Göksen Güler, Shikhar Sakhuja, Julian Dickert, Waleed Khan, Philippe Vibien, Jack Morgan, Carlos Moreno, Sebastian Fischmeister
Paper session Privacy and Data Streams
Session chair:
12:30 Concept Drift Detection using Ensemble of Integrally Private Models
Ayush K Varshney, Vicenç Torra
13:00 Lunch

Venue

Please, read about the venue in the ECML venues web page.
You will find a description of the venue and a map.

ECML/PKDD 2023 plans an hybrid organization also for workshops and tutorials. Therefore a person can attend an online event as long as she/he registers for the conference by using the videoconference registration fee.

Please note the videoconference registration fee allows also to follow the main conference.

Contact Us

for any question regarding the workshop