Towards Improving Code Stylometry Analysis in Underground Forums

2 Nov

Michal Tereszkowski-Kaminski, PhD Student at London King’s College

External Presentation (External Speaker)

Code Stylometry has emerged as a powerful mechanism to identify programmers.While there have been significant advances in the field, existing mechanisms underperform in challenging domains. One such domain is studying the provenance of code shared in underground forums, where code posts tend to have small or incomplete source code fragments. This work proposes a method designed to deal with the idiosyncrasies of code snippets shared in these forums.

Our system fuses a forum-specific learning pipeline with Conformal Prediction to generate predictions with precise confidence levels as a novelty. We see that identifying unreliable code snippets is paramount to generate high-accuracy predictions, and this is a task where traditional learning settings fail. Overall, our method performs as twice as well as the state-of-the-art in a constrained setting with a large number of authors (i.e., 100).When dealing with a smaller number of authors (i.e., 20), it performs at high accuracy (89\%). We also evaluate our work on an open-world assumption and see that our method is more effective at retaining samples.

About Michal Tereszkowski-Kaminski

Michal is a PhD student from King’s College London in the UK, working on profiling malware developers from a source code perspective. He was awarded an MSci in Computer Science from King’s College London in 2018. He is visiting IMDEA Networks Institute for a few months while working on his thesis under the supervision of Dr. Guillermo Suarez de Tangil.

This event will be conducted in English

  • Location: MR-A1 [Ramón] & MR-A2 [Cajal], IMDEA Networks Institute, Avda. del Mar Mediterráneo 22, 28918 Leganés – Madrid
  • Organization: NETCOM Research Group (Telematics Engineering Department, UC3M); IMDEA Networks Institute
  • Time: 12:00
  • Add to Calendar: iCalendar Outlook Google