GPT-3 and Me: How Supercomputer-scale Neural Network Models Apply to Defensive Cybersecurity Problems

Presented at Black Hat USA 2022, Aug. 10, 2022, 4:20 p.m. (40 minutes).

A key lesson of recent deep learning successes is that as we scale neural networks, they get better, and sometimes in game-changing ways.

In this talk, we'll demonstrate and explain how supercomputer-scale neural networks open new vistas for security, qualitatively changing the horizons for machine learning security applications in surprising and powerful ways. Specifically, we'll demonstrate two applications of large neural networks to security problems that wouldn't have been tractable with smaller models: generating custom, human-readable explanations of difficult-to-parse attacker behavior, and detecting malicious behaviors even when we have very few examples of the kind of behaviors we're looking for.

We'll describe each example application in transparent and reproducible detail, and then show you how you can use our work, or do your own large neural network experimentation, using publicly available models like OpenAI's GPT-3 series of models.


Presenters:

  • Joshua Saxe - Chief Scientist, Sophos
    Joshua Saxe is Chief Scientist at Sophos, where he manages the Sophos AI team, and provides strategic leadership for the company's research and development efforts. Before joining Sophos, Saxe was Chief Data Scientist at Invincea, where he led the development of machine learning systems for analyzing, detecting, and blocking malware executables and malicious behavior, and was Principal Investigator on multiple DARPA funded efforts focused on applying machine learning and data visualization to the federal government's cybersecurity challenges. He is the author, with Hillary Sanders, of the book Malware Data Science, from No Starch Press, and an author on multiple patents and peer-reviewed security machine learning papers.
  • Younghoo Lee - Research Scientist, Sophos
    Younghoo Lee is a senior data scientist with a strong background in deep learning models and big data systems. Prior to joining Sophos, he developed malware classification systems at Symantec and mobile software platforms at Samsung Electronics. His research interests include deep learning models for detecting malicious emails and mobile applications and categorizing web content. In his free time, he explores amazing bushwalking tracks in Sydney.

Links:

Similar Presentations: