What is your computer doing?

Over four years ago one of our clients from IPS came to us with a cyber security problem. We were asked to take their task not as a symptom to alleviate, but as a reflection of a deeper problem to solve.…

High accuracy AI for malware classification

On Tuesday the paper "Computer activity learning from system call time series" that Curt and I wrote was posted to the arXiv. It explains how we used machine learning to create a minute-by-minute description of what is happening on a computer.…

General malware detectors are impossible

It is impossible to write a general purpose malware detector. Not hard, not difficult, impossible. The argument for the impossibility relies on building an odd program. We may not write such a program in practice, but it does arise as a combination of things we do write — things like Perl-like regular expressions and input parsers — and carefully crafted inputs.…

More on the curse

The n-cube playground

As a playground to understand the curse of dimensionality we spread 20,000 points throughout a 10-dimensional cube of side 2. Each coordinate of a point is independently chosen from a uniform random distribution ranging from -1 to 1.…
