2 matches found
Anonymous YARA Rules Are Not Anonymous
YARA rules are widely shared across threat intelligence communities to enable collective defence against malware. This practice implicitly assumes that removing metadata e.g., author fields sufficiently protects the identity of contributing organisations. To assess the validity of this assumption...
Today'S Cat Is Tomorrow'S Dog: Accounting for Time-Based Changes in the Labels of ML Vulnerability Detection Approaches
Vulnerability datasets used for ML testing implicitly contain retrospective information. When tested on the field, one can only use the labels available at the time of training and testing e.g. seen and assumed negatives. As vulnerabilities are discovered across calendar time, labels change and...