In general, machine learning is a type of artificial intelligence that provides computers with the capability to learn how to handle new and unknown data without being explicitly programmed. Several security research projects based on machine learning, most specifically the outlier detection, are being carried out by our team.
One use-case for it is anomaly detection. Nowadays, malicious user behavior that does not trigger an access violation or an alert of a data leak is difficult to be detected. Using the stolen login credentials the intruder doing espionage will first try to stay undetected: silently collect data from the company network and use only resources he is authorised to access. To deal with such cases, a Poisson-based anomaly detection algorithm was developed within this project.
Another use-case for machine learning is the semantic extraction of passwords. HPI scientists analyze the possibilities of machine learning for detecting patterns Internet users use for generating their passwords. The results of this research could help to improve password policies and to increase the security awareness of the people.