Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
class:gradsec2026 [2026/03/16 01:04] mhshin |
class:gradsec2026 [2026/03/30 13:59] (current) jhj2004 [Agenda] |
||
|---|---|---|---|
| Line 33: | Line 33: | ||
| ^ Date ^ Name ^ Topic ^ Slides ^ Minutes ^ | ^ Date ^ Name ^ Topic ^ Slides ^ Minutes ^ | ||
| - | | 3/4 | Minho | Ice-breaking | [[https://drive.google.com/file/d/1PGW7cKv0rqTp6jIaHmIz2Olmi9KXCCNn/view?usp=drive_link|AI-Cybersecurity]] | [[https://drive.google.com/file/d/1tQJK6mbAowQlCto7OzYd16rR8mlTkkiL/view?usp=drive_link| Survey paper]] | | + | | 3/4 | Minho | AI-Introduction | {{ :class:ai-intro.pdf |AI-Intro}} | | |
| | 3/11 | Minho | | | | | | 3/11 | Minho | | | | | ||
| - | | ::: | Cho | https://www.usenix.org/system/files/sec21-schuster.pdf| | | | + | | ::: | Cho | [[https://www.usenix.org/system/files/sec21-schuster.pdf|You autocomplete me: Poisoning vulnerabilities in neural code completion]] | [[https://1drv.ms/p/c/005794ae9195628e/IQB4fo_zfZeySKirBSMijjfiAVbNdg_9N1hiWS702-MyQpk?e=SsGxwB|You autocomplete me: Poisoning vulnerabilities in neural code completion]] | | |
| | 3/18 | Minho | | | | | | 3/18 | Minho | | | | | ||
| - | | ::: | Han | | | | | + | | ::: | Han | [[https://arxiv.org/pdf/2102.07995.pdf|D2a: A dataset built for ai-based vulnerability detection methods using differential analysis]] | | | | |
| - | | 3/25 | Minho | | | | | + | | 3/27 | Minho | | | | |
| - | | ::: | Kwak| | | | | + | | ::: | Kwak| [[https://www.mdpi.com/1424-8220/23/9/4403/pdf|A Deep Learning-Based Innovative Technique for Phishing Detection with URLs]] | | | |
| - | | 4/1 | Cho | | | | | + | | 4/1 | No Class | | | | |
| - | | 4/8 | No Class | | | | | + | | 4/10 | Cho | [[https://arxiv.org/pdf/1803.04173|Adversarial Malware Binaries: Evading Deep |
| + | Learning for Malware Detection in Executables]] | | | | ||
| | 4/15 | Han | | | | | | 4/15 | Han | | | | | ||
| - | | 4/22 | No Class | | | | | + | | 4/24 | Kwak| | | | |
| - | | 4/29 | Kwak | | | | | + | | 4/29 | Cho | | | | |
| - | | 5/6 | Cho | | | | | + | | 5/6 | Han | | | | |
| - | | 5/13 | Han | | | | | + | | 5/13 | Kwak | | | | |
| - | | 5/20 | Kwak | | | | | + | | 5/20 | Cho | | | | |
| - | | 5/27 | Cho | | | | | + | | 5/27 | Han | | | | |
| - | | 6/3 | Han | | | | | + | | 6/3 | Kwak | | | | |
| - | | 6/10 | Kwak | | | | | + | | 6/10 | Cho | | | | |
| - | | 6/17 | Cho | | | | | + | | 6/17 | Han | | | | |
| - | | 6/24 | Han | | | | | + | | 6/24 | Kwak | | | | |
| ====== Class Information ====== | ====== Class Information ====== | ||
| Line 297: | Line 298: | ||
| * Keywords: Transformers, CodeBERT, vulnerability detection, line-level analysis, code understanding | * Keywords: Transformers, CodeBERT, vulnerability detection, line-level analysis, code understanding | ||
| * URL: https://arxiv.org/pdf/2205.08956.pdf | * URL: https://arxiv.org/pdf/2205.08956.pdf | ||
| - | - **You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion** | + | - <fc red>(Jo)</fc> **You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion** |
| * Roei Schuster et al., USENIX Security 2021 | Pages: 17 | Difficulty: 3/5 | * Roei Schuster et al., USENIX Security 2021 | Pages: 17 | Difficulty: 3/5 | ||
| * Abstract: Demonstrates that neural code autocompleters can be poisoned to suggest insecure code patterns. Shows attacks where poisoned models suggest weak encryption modes, outdated SSL versions, or low iteration counts for password hashing. Highlights security risks in AI-assisted software development tools. | * Abstract: Demonstrates that neural code autocompleters can be poisoned to suggest insecure code patterns. Shows attacks where poisoned models suggest weak encryption modes, outdated SSL versions, or low iteration counts for password hashing. Highlights security risks in AI-assisted software development tools. | ||
| * Keywords: Code completion, backdoor attacks, software security, neural networks, supply chain attacks | * Keywords: Code completion, backdoor attacks, software security, neural networks, supply chain attacks | ||
| * URL: https://www.usenix.org/system/files/sec21-schuster.pdf | * URL: https://www.usenix.org/system/files/sec21-schuster.pdf | ||
| - | - **D2A: A Dataset Built for AI-Based Vulnerability Detection Methods Using Differential Analysis** | + | - <fc red>(Han)</fc> **D2A: A Dataset Built for AI-Based Vulnerability Detection Methods Using Differential Analysis** |
| * Yunhui Zheng et al., ICSE 2021 | Pages: 17 | Difficulty: 3/5 | * Yunhui Zheng et al., ICSE 2021 | Pages: 17 | Difficulty: 3/5 | ||
| * Abstract: Proposes D2A, a differential analysis approach that automatically labels static analysis issues by comparing code versions before and after bug-fixing commits. Generates large dataset of 1.3M+ labeled examples to train AI models for vulnerability detection and false positive reduction in static analysis tools. | * Abstract: Proposes D2A, a differential analysis approach that automatically labels static analysis issues by comparing code versions before and after bug-fixing commits. Generates large dataset of 1.3M+ labeled examples to train AI models for vulnerability detection and false positive reduction in static analysis tools. | ||
| Line 400: | Line 401: | ||
| * Keywords: Email phishing, deep learning, BERT, CNN-LSTM, natural language processing | * Keywords: Email phishing, deep learning, BERT, CNN-LSTM, natural language processing | ||
| * URL: https://www.mdpi.com/2079-9292/12/20/4261/pdf | * URL: https://www.mdpi.com/2079-9292/12/20/4261/pdf | ||
| - | - **A Deep Learning-Based Innovative Technique for Phishing Detection with URLs** | + | - <fc red>(kwak)</fc>**A Deep Learning-Based Innovative Technique for Phishing Detection with URLs** |
| * Saleh N. Almuayqil et al., Sensors 2023 | Pages: 20 | Difficulty: 2/5 | * Saleh N. Almuayqil et al., Sensors 2023 | Pages: 20 | Difficulty: 2/5 | ||
| * Abstract: Proposes CNN-based model for phishing website detection using character embedding approach on URLs. Evaluates performance on PhishTank dataset achieving high accuracy in distinguishing legitimate from phishing websites. Introduces novel 1D CNN architecture specifically designed for URL-based detection without requiring HTML content analysis. | * Abstract: Proposes CNN-based model for phishing website detection using character embedding approach on URLs. Evaluates performance on PhishTank dataset achieving high accuracy in distinguishing legitimate from phishing websites. Introduces novel 1D CNN architecture specifically designed for URL-based detection without requiring HTML content analysis. | ||
class/gradsec2026.1773597887.txt.gz · Last modified: 2026/03/16 01:04 by mhshin · [Old revisions]
