Infosecurity Europe: How Proton Fights Against Cybercriminals Using Its Services
Proton uses machine learning models to detect abuse of its services – especially email addresses used by cybercriminals
Machine learning supports malware detection and threat analysis, but attackers can also exploit biased data, model weaknesses, or poisoned training.
Search across headline titles and summaries.
Background for this topic.
Machine learning is a way to build software that learns patterns from data and uses them to classify, predict, or make decisions, rather than relying solely on hand-written rules. Models may support malware and phishing detection, user- or entity-behavior analysis, vulnerability prioritization, and automated security triage. Their outputs are probabilistic, so unusual activity can be missed or incorrectly flagged; changing normal behavior can also cause model drift and reduce accuracy.
Security teams must protect both the model and its training data. An attacker may manipulate training examples (data poisoning), craft inputs designed to evade detection (adversarial examples), or extract sensitive information from a model or its data. Controls include trusted data provenance, access restrictions, testing against realistic evasive inputs, monitoring for drift, and human review of high-impact decisions. Where models process personal, proprietary, or security telemetry, collection, retention, and reuse require appropriate privacy and governance controls.
Weekly headline count for the current query.
Proton uses machine learning models to detect abuse of its services – especially email addresses used by cybercriminals
A critical Azure Machine Learning flaw allows privilege escalation, risking subscription compromise
A novel attack exploited machine learning models on PyPI, using zipped Pickle files to deliver infostealer malware
New principles set to take on adversarial machine learning
Day 2 of Engima 2022 explored how organizations and security vendors can improve malware detection