Edward Raff
You Don’t Need Robust Machine Learning to Manage Adversarial Attack Risks
The robustness of modern machine learning (ML) models has become an increasing concern within the community. The ability to subvert a model into making errant predictions using seemingly inconsequential changes to input is startling, as is…
EMBER2024 - A Benchmark Dataset for Holistic Evaluation of Malware Classifiers
A lack of accessible data has historically restricted malware analysis research, and practitioners have relied heavily on datasets provided by industry sources to advance. Existing public datasets are limited by narrow scope - most include…
Quick Draw Bandits: Quickly Optimizing in Nonstationary Environments with Extremely Many Arms
Canonical algorithms for multi-armed bandits typically assume a stationary reward environment where the size of the action space (number of arms) is small. More recently developed methods typically relax only one of these assumptions: exis…
Adversarial Machine Learning Attacks on Financial Reporting via Maximum Violated Multi-Objective Attack
Bad actors, primarily distressed firms, have the incentive and desire to manipulate their financial reports to hide their distress and derive personal gains. As attackers, these firms are motivated by potentially millions of dollars and th…
ClarAVy: A Tool for Scalable and Accurate Malware Family Labeling
Determining the family to which a malicious file belongs is an essential component of cyberattack investigation, attribution, and remediation. Performing this task manually is time consuming and requires expert knowledge. Automated tools u…
Disassembly as Weighted Interval Scheduling with Learned Weights
Disassembly is the first step of a variety of binary analysis and transformation techniques, such as reverse engineering, or binary rewriting. Recent disassembly approaches consist of three phases: an exploration phase, that overapproximat…
Can LLMs Obfuscate Code? A Systematic Analysis of Large Language Models into Assembly Code Obfuscation
Malware authors often employ code obfuscations to make their malware harder to detect. Existing tools for generating obfuscated code often require access to the original source code (e.g., C++ or Java), and adding new obfuscations is a non…
What Do Machine Learning Researchers Mean by “Reproducible”?
The concern that Artificial Intelligence (AI) and Machine Learning (ML) are entering a "reproducibility crisis" has spurred significant research in the past few years. Yet with each paper, it is often unclear what someone means by "reprodu…
Differentially Private Iterative Screening Rules for Linear Regression
Linear $L_1$-regularized models have remained one of the simplest and most effective tools in data science. Over the past decade, screening rules have risen in popularity as a way to eliminate features when producing the sparse regression …
Multi-layer Radial Basis Function Networks for Out-of-distribution Detection
Existing methods for out-of-distribution (OOD) detection use various techniques to produce a score, separate from classification, that determines how "OOD" an input is. Our insight is that OOD detection can be simplified by using a neura…
Human-Readable Adversarial Prompts: An Investigation into LLM Vulnerabilities Using Situational Context
As the AI systems become deeply embedded in social media platforms, we've uncovered a concerning security vulnerability that goes beyond traditional adversarial attacks. It becomes important to assess the risks of LLMs before the general p…
Living off the Analyst: Harvesting Features from Yara Rules for Malware Detection
A strategy used by malicious actors is to "live off the land," where benign systems and tools already available on a victim's systems are used and repurposed for the malicious actor's intent. In this work, we ask if there is a way for anti…
Stabilizing Linear Passive-Aggressive Online Learning with Weighted Reservoir Sampling
Online learning methods, like the seminal Passive-Aggressive (PA) classifier, are still highly effective for high-dimensional streaming data, out-of-core processing, and other throughput-sensitive applications. Many such algorithms rely on…
Is Function Similarity Over-Engineered? Building a Benchmark
Binary analysis is a core component of many critical security tasks, including reverse engineering, malware analysis, and vulnerability detection. Manual analysis is often time-consuming, but identifying commonly-used or previously-seen fu…
A Walsh Hadamard Derived Linear Vector Symbolic Architecture
Vector Symbolic Architectures (VSAs) are one approach to developing Neuro-symbolic AI, where two vectors in $\mathbb{R}^d$ are 'bound' together to produce a new vector in the same space. VSAs support the commutativity and associativity of …
Position: Challenges and Opportunities for Differential Privacy in the U.S. Federal Government
In this article, we seek to elucidate challenges and opportunities for differential privacy within the federal government setting, as seen by a team of differential privacy researchers, privacy lawyers, and data scientists working closely …
Neural Normalized Compression Distance and the Disconnect Between Compression and Classification
It is generally well understood that predictive classification and compression are intrinsically related concepts in information theory. Indeed, many deep learning methods are explained as learning a kind of compression, and that better co…
High-Dimensional Distributed Sparse Classification with Scalable Communication-Efficient Global Updates
As the size of datasets used in statistical learning continues to grow, distributed training of models has attracted increasing attention. These methods partition the data and exploit parallelism to reduce memory and runtime, but suffer in…
More Options for Prelabor Rupture of Membranes, A Bayesian Analysis
An obstetric goal for a laboring mother is to achieve a vaginal delivery as it reduces the risks inherent in major abdominal surgery (i.e., a Cesarean section). Various medical interventions may be used by a physician to increase the likel…
Feature Selection from Differentially Private Correlations
Data scientists often seek to identify the most important features in high-dimensional datasets. This can be done through $L_1$-regularized regression, but this can become inefficient for very high-dimensional datasets. Additionally, high-…
Human-Interpretable Adversarial Prompt Attack on Large Language Models with Situational Context
Previous research on testing the vulnerabilities in Large Language Models (LLMs) using adversarial attacks has primarily focused on nonsensical prompt injections, which are easily detected upon manual or automated review (e.g., via byte en…
WellDunn: On the Robustness and Explainability of Language Models and Large Language Models in Identifying Wellness Dimensions
Language Models (LMs) are being proposed for mental health applications where the heightened risk of adverse outcomes means predictive performance may not be a sufficient litmus test of a model's utility in clinical practice. A model that …
Optimizing the Optimal Weighted Average: Efficient Distributed Sparse Classification
While distributed training is often viewed as a solution to optimizing linear models on increasingly large datasets, inter-machine communication costs of popular distributed approaches can dominate as data dimensionality increases. Recent …
Assemblage: Automatic Binary Dataset Construction for Machine Learning
Binary code is pervasive, and binary analysis is a key task in reverse engineering, malware classification, and vulnerability discovery. Unfortunately, while there exist large corpora of malicious binaries, obtaining high-quality corpora o…
Attribution in Scientific Literature: New Benchmark and Methods
Large language models (LLMs) present a promising yet challenging frontier for automated source citation in scientific communication. Previous approaches to citation generation have been limited by citation ambiguity and LLM overgeneralizat…
SoK: A Review of Differentially Private Linear Models For High-Dimensional Data
Linear models are ubiquitous in data science, but are particularly prone to overfitting and data memorization in high dimensions. To guarantee the privacy of training data, differential privacy can be used. Many papers have proposed optimi…
Comparison of Two Methods of Antepartum Anticoagulation: Continuation of Enoxaparin until Scheduled Induction of Labor Versus Transitioning to Heparin with Spontaneous Labor
Pregnancy is a hypercoagulable state. There is a lack of strong evidence-based guidance regarding management when anticoagulation is required to prevent or treat venous thromboembolism during pregnancy. In practice, some patients are presc…