Posts by Collection

portfolio

Energy Based Modeling with Maximum Likelihood esimation

Energy Based Models are a quite novel technique for density estimation. In this university project I explore this new research topic and implement EBMs as generative models, comparing the results obtained with Maximum Likelihood estimation and Sliced Score Matching on MNIST and a toy 2D dataset.

publications

Reinforcement Learning-aided Dynamic Analysis of Evasive Malware

Published in PoliTO, 2022

As cyberspace becomes more and more complex, malware authors strive to take advantage of the growing number of vulnerabilities. This requires security researchers to invest more effort in developing automated malware analysis tools, able to cope with the increasing pace of suspicious binaries. The Achilles heel of automated malware analysis tools is evasive malware, which may put countless strategies in place to impede analysis. For instance, malware trying to detect that they are under observation in an analysis environment and, as a consequence, conceal their malicious behavior by performing only innocuous operations. Evasive malware can hinder analysis by either performing static code obfuscation (eg via packers, crypters) or dynamic evasion (eg sandbox and debugger evasion). The goal of this thesis is to explore the application of Reinforcement Learning (RL) to dynamic analysis, to reduce the burden of exhaustive exploration of conditional paths. To this end, we develop a model that is capable of noticing new evasive schemes via RL. Stateof-the-art approaches generally identify evasions through fingerprinting, which is not effective in identifying slight mutations of evasion schemes. In contrast, this work employs a language model to abstract out the syntax of binary code, while preserving its semantics. Furthermore, to improve over state-of-the-art solutions, the presented solution considers both evasion schemes and the malicious nature of regions of code protected by evasive conditions, to better distinguish true evasive behaviors from false positives. As a consequence, this method is easily extended to guide the search of…

Recommended citation: Matteo Bunino (2022). "Reinforcement Learning-aided Dynamic Analysis of Evasive Malware. https://webthesis.biblio.polito.it/secure/22588/1/tesi.pdf

From Spectral Graph Convolutions to Large Scale Graph Convolutional Networks

Published in arXiv preprint arXiv:2207.05669, 2022

Graph Convolutional Networks (GCNs) have been shown to be a powerful concept that has been successfully applied to a large variety of tasks across many domains over the past years. In this work we study the theory that paved the way to the definition of GCN, including related parts of classical graph theory. We also discuss and experimentally demonstrate key properties and limitations of GCNs such as those caused by the statistical dependency of samples, introduced by the edges of the graph, which causes the estimates of the full gradient to be biased. Another limitation we discuss is the negative impact of minibatch sampling on the model performance. As a consequence, during parameter update, gradients are computed on the whole dataset, undermining scalability to large graphs. To account for this, we research alternative methods which allow to safely learn good parameters while sampling only a subset of data per iteration. We reproduce the results reported in the work of Kipf et al. and propose an implementation inspired to SIGN, which is a sampling-free minibatch method. Eventually we compare the two implementations on a benchmark dataset, proving that they are comparable in terms of prediction accuracy for the task of semi-supervised node classification.

Recommended citation: Matteo Bunino (2022). "From Spectral Graph Convolutions to Large Scale Graph Convolutional Networks" Journal arXiv preprint arXiv:2207.05669. https://arxiv.org/pdf/2207.05669

talks

Synergistically Integrating HPC and Cloud

Published:

This talk was given on the second day of the 2024’s ISC conference and was shared among experts from industry (Google, PGS) and academia (CERN, DFKI, RWTH), driving a discussion on current strategies of integrating cloud and HPC infrastructure, finetuning it on the needs of different user bases.

Reinforcement learning and its applications in particle accelerators at CERN

Published:

An hands-on crash course on Reinforcement Learning (RL) delivered to CERN openlab summer students, in the context of CERN openlab summer student lecture programme, with the goal of explaining the potential of RL and its real-world applications in particle accelerators at CERN. The course focused in particular on learning by doing, solving exercises together to better grasp the sometimes abstract concepts of RL.

MLFlow while running on a SuperComputer with Matteo Bunino from CERN

Published:

This live stream was organized by Diego Ciangottini (INFN) and showcased a demo on how to to employ interLink, a software component developed in the interTwin project, meant to enable cloud-HPC integration. Matteo showed how interLink can be used to offload to remote HPC resources compute-intensive AI workflows used in scientific applications, with a particular focus on maintaining consistent ML metadata across different computing infrastructures using MLFlow.

teaching

Teaching experience 1

Undergraduate course, University 1, Department, 2014

This is a description of a teaching experience. You can use markdown like any other post.

Teaching experience 2

Workshop, University 1, Department, 2015

This is a description of a teaching experience. You can use markdown like any other post.