Drift Forensics of Machine Learning for Malware Classification
Project ID: 2531ad1513
(You will need this ID for your application)
Research Theme: Digital Security and Resilience
UCL Lead department: Computer Science
Lead Supervisor: Fabio Pierazzi
Project Summary:
This project will develop forensic tools to detect, understand and mitigate causes of concept drift in machine learning (ML)-based malware detection models.
Why this research is important
ML models are integral to modern security systems, yet attackers constantly find ways to evade detection by exploiting model weaknesses. This research focuses on concept drift—a phenomenon where changing data patterns degrade ML detection performance. This project aims to identify drift root causes to enhance ML resilience in malware detection, ensuring these models adapt to new threats and remain reliable in protecting critical systems.
Who you will be working with
You’ll collaborate with Dr. Pierazzi, Prof. Cavallaro, their teams, and their international collaborators and industrial partners, submitting findings to top international venues such as S&P, CCS, USENIX Security, NDSS, AISec, SaTML, DIMVA, and TOPS.
What you will be doing
You will perform hands-on research, analyzing and simulating drift scenarios with synthetic and real-world data. Using hypothesis testing, explanation methods, and statistical methods, you’ll develop metrics to measure drift and create adaptive tools for real-world security applications, gaining advanced skills at the intersection of ML, security, and forensic analysis.
Who we are looking for
We seek candidates with a background in computer science (or a related field) and strong knowledge of at least one of systems security, program analysis, or ML. A keen interest in these fields, coupled with analytical problem-solving skills, is essential. Prior research experience is a plus but not required; motivation, curiosity, and a commitment to innovation are key.