Data Science Researcher Intern Adversarial Research
FireEye - Reston VA

Internship Category: Paid

Description
Description
Map
Reviews
  • Position Title:Data Science Intern Adversarial Research

    Location: Reston, VA

    The Company:

    FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,000 customers across 67 countries, including more than 650 of the Forbes Global 2000.

    The Role:

    FireEyes Innovation & Custom Engineering (ICE) Data Science team has developed several machine learning (ML) models for static malware classification of Windows executables. However, there have been several interesting research developments in recent ML/security literature on automated attacks against such ML models. The general idea of this research is that a malware author can use certain algorithms to generate malware samples that avoid ML detection. We want to study these algorithms to determine their applicability to malware classification of Windows executables. By understanding the attack vectors, we can adjust our defenses to build better malware detection models.

    Working as a part of the FireEye ICE-Data Science team, this role will:
    • Demonstrate that a state-of-the-art attack (e.g., Carlini-Wagner) on a malware classification model works by perturbing bytes in a Windows executable.
    • Same as Step 1, but with the additional constraint that any perturbation of the bytes in an executable must be done while not breaking the functionality/validity of the Windows executable.
    • Identify potential defenses to the attacks.
    • Assemble results into a paper we publish at a conference/workshop.

    Responsibilities:

    • Perform adversarial attacks on proprietary ML malware classifiers
    • Explore use of generative adversarial networks (GANs) to adversarial attacks
    • Provide weekly updates to ICE-DS team
    • Engage in team meetings, discussions, and presentations
    • Record repeatable experiments in FireEye github repository and produce detailed documentation of findings
    • Present research on bi-weekly basis and prepare final presentation at the close of the internship

    Requirements:

    • Experience in applying a wide variety of unsupervised, semi-supervised, and supervised machine learning techniques
    • An understanding of malware detection, and experience with basic static and dynamic analysis of binaries
    • Strong skills in Python development and use of machine learning packages
    • Experience with Linux command line and Jupyter Notebooks
    Additional Qualifications
    • Ability to document and explain technical details clearly and concisely
    • Strong written and verbal communication skills
    • Ability to work as part of a remote team
    FireEye is an Equal Opportunity Employer: All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, national origin, protected veteran status, or on the basis of disability. Click here to view the full EEO/AA statement.
  • LI-

Position Title:Data Science Intern Adversarial Research

Location: Reston, VA

The Company:

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,000 customers across 67 countries, including more than 650 of the Forbes Global 2000.

The Role:

FireEyes Innovation & Custom Engineering (ICE) Data Science team has developed several machine learning (ML) models for static malware classification of Windows executables. However, there have been several interesting research developments in recent ML/security literature on automated attacks against such ML models. The general idea of this research is that a malware author can use certain algorithms to generate malware samples that avoid ML detection. We want to study these algorithms to determine their applicability to malware classification of Windows executables. By understanding the attack vectors, we can adjust our defenses to build better malware detection models.

Working as a part of the FireEye ICE-Data Science team, this role will:
  • Demonstrate that a state-of-the-art attack (e.g., Carlini-Wagner) on a malware classification model works by perturbing bytes in a Windows executable.
  • Same as Step 1, but with the additional constraint that any perturbation of the bytes in an executable must be done while not breaking the functionality/validity of the Windows executable.
  • Identify potential defenses to the attacks.
  • Assemble results into a paper we publish at a conference/workshop.

Responsibilities:

  • Perform adversarial attacks on proprietary ML malware classifiers
  • Explore use of generative adversarial networks (GANs) to adversarial attacks
  • Provide weekly updates to ICE-DS team
  • Engage in team meetings, discussions, and presentations
  • Record repeatable experiments in FireEye github repository and produce detailed documentation of findings
  • Present research on bi-weekly basis and prepare final presentation at the close of the internship

Requirements:

  • Experience in applying a wide variety of unsupervised, semi-supervised, and supervised machine learning techniques
  • An understanding of malware detection, and experience with basic static and dynamic analysis of binaries
  • Strong skills in Python development and use of machine learning packages
  • Experience with Linux command line and Jupyter Notebooks
Additional Qualifications
  • Ability to document and explain technical details clearly and concisely
  • Strong written and verbal communication skills
  • Ability to work as part of a remote team
FireEye is an Equal Opportunity Employer: All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, national origin, protected veteran status, or on the basis of disability. Click here to view the full EEO/AA statement.
  • LI-
  • No Records Found

    Sorry, no records were found. Please adjust your search criteria and try again.

    Google Map Not Loaded

    Sorry, unable to load Google Maps API.

  • Leave a Review

  • Related Blog Posts