Communications of the ACM, volume 67, issue 11, pages 104-112

Pitfalls in Machine Learning for Computer Security

Daniel Arp ^{1, 2}

Erwin Quiring ^{3, 4}

Feargus Pendlebury ⁵

Alexander Warnecke ^{1, 2}

Fabio Pierazzi ⁶

Christian Wressnegger ^{7, 8}

Lorenzo Cavallaro ⁵

Konrad Rieck ^{1, 2}

Hide authors affiliations

Technische Universität Berlin, Berlin, Germany |

The Berlin Institute for the Foundations of Learning and Data (BIFOLD), Berlin, Germany |

International Computer Science Institute (ICSI), Berkeley, USA |

⁴

Ruhr University Bochum, Bochum, Germany |

⁵

University College London, london, England, United Kingdom |

⁶

King’s College London, London, England, United Kingdom |

⁷

Karlsruhe Institute of Technology, Karlsruhe, Germany |

⁸

KASTEL Security Research Labs, Karlsruhe, Germany |

Publication type: Journal Article

Publication date: 2024-10-25

Association for Computing Machinery (ACM)

Journal: Communications of the ACM

scimago Q1

SJR: 2.957

CiteScore: 16.1

Impact factor: 11.1

ISSN: 00010782, 15577317

DOI: 10.1145/3643456

Copy DOI

Abstract

With the growing processing power of computing systems and the increasing availability of massive datasets, machine learning algorithms have led to major breakthroughs in many different areas. This development has influenced computer security, spawning a series of work on learning-based security systems, such as for malware detection, vulnerability discovery, and binary code analysis. Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance and render learning-based systems potentially unsuitable for security tasks and practical deployment.

In this paper, we look at this problem with critical eyes. First, we identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We conduct a study of 30 papers from top-tier security conferences within the past 10 years, confirming that these pitfalls are widespread in the current security literature. In an empirical analysis, we further demonstrate how individual pitfalls can lead to unrealistic performance and interpretations, obstructing the understanding of the security problem at hand. As a remedy, we propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible. Furthermore, we identify open problems when applying machine learning in security and provide directions for further research.