The prevalent use of computers and internet has enhanced the quality of life for many people, but it has also attracted undesired attempts to undermine these systems. This special topic contains several research studies on how machine learning algorithms can help improve the security of computer systems.

“Modeling” in the context of computer security has the same comotation as in the fields of science and engineering, that of an abstraction used for the consideration of a problem of interest. One recent criticism of the Bell-La Padnla model confused this notion of “modeling” with a foundational notion of “model” or “interpretation” and, in addhion, included intrinsic errors of reasoning.

During the last couple of years we have been addressing classification problems in computer security applications. In particular, we have focused on three key items: (1) evaluation metrics for classifiers in adversarial environments, (2) the design of optimal classifiers against adaptive adversaries, and (3) voting algorithms for the combination of multiple classifiers. Our results have been pu...

Security patterns are a mature paradigm for the development of secure systems. For years, security patterns have proven their usefulness, and have demonstrated that their use, especially at the software architecture level, provides important advantages. Security patterns have also proven their value as a communication vehicle and as an educational tool. However, the ever-growing complexity and ...

In the past several years I have written two SMT solvers called STP and HAMPI that have found widespread use in computer security research by leading groups in academia, industry and the government. In this note I summarize the features of STP/HAMPI that make them particularly suited for computer security research, and a brief description of some of the more important projects that use them.

This paper discusses lessons learned from a selection of computer security problems that have surfaced in the recent past, and that are likely to show up again in the future. Examples are taken from security advisories and from unpublished loopholes in the author’s own work. 1. Widely-known passwords Imagine that you choose a password to protect your systems and then advertise that password in ...

The adaptation and extension is necessary to apply the CERT-taxonomy to malware in order to categorise the threat (e.g., Trojan horses, Viruses etc.) as a basis for countermeasures. For the adaptation of the taxonomy to include malware a new entry in the tools section is needed (malicious software). This entry will cover the Trojan horses mentioned earlier. The proposed extension of the CERT-ta...