{"id":"https://openalex.org/W4403760382","doi":"https://doi.org/10.1145/3643456","title":"Pitfalls in Machine Learning for Computer Security","display_name":"Pitfalls in Machine Learning for Computer Security","publication_year":2024,"publication_date":"2024-10-25","ids":{"openalex":"https://openalex.org/W4403760382","doi":"https://doi.org/10.1145/3643456"},"language":"en","primary_location":{"id":"doi:10.1145/3643456","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3643456","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3643456","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3643456","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5029169901","display_name":"Daniel J. Arp","orcid":"https://orcid.org/0000-0003-3628-794X"},"institutions":[{"id":"https://openalex.org/I4401727010","display_name":"Berlin Institute for the Foundations of Learning and Data","ror":"https://ror.org/05dsfb086","country_code":null,"type":"facility","lineage":["https://openalex.org/I4401727010","https://openalex.org/I4577782","https://openalex.org/I7877124"]},{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Daniel Arp","raw_affiliation_strings":["Technische Universit\u00e4t Berlin, Berlin, Germany","The Berlin Institute for the Foundations of Learning and Data (BIFOLD), Berlin, Germany"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Berlin, Berlin, Germany","institution_ids":["https://openalex.org/I4577782"]},{"raw_affiliation_string":"The Berlin Institute for the Foundations of Learning and Data (BIFOLD), Berlin, Germany","institution_ids":["https://openalex.org/I4401727010"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085852581","display_name":"Erwin Quiring","orcid":"https://orcid.org/0009-0004-7170-1274"},"institutions":[{"id":"https://openalex.org/I1297971548","display_name":"International Computer Science Institute","ror":"https://ror.org/01ewh7m12","country_code":"US","type":"nonprofit","lineage":["https://openalex.org/I1297971548"]},{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE","US"],"is_corresponding":false,"raw_author_name":"Erwin Quiring","raw_affiliation_strings":["International Computer Science Institute (ICSI), Berkeley, USA","Ruhr University Bochum, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"International Computer Science Institute (ICSI), Berkeley, USA","institution_ids":["https://openalex.org/I1297971548"]},{"raw_affiliation_string":"Ruhr University Bochum, Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090260871","display_name":"Feargus Pendlebury","orcid":"https://orcid.org/0000-0003-1140-322X"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Feargus Pendlebury","raw_affiliation_strings":["University College London, London, England, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University College London, London, England, United Kingdom","institution_ids":["https://openalex.org/I45129253"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070293380","display_name":"Alexander Warnecke","orcid":"https://orcid.org/0009-0006-3617-3968"},"institutions":[{"id":"https://openalex.org/I4401727010","display_name":"Berlin Institute for the Foundations of Learning and Data","ror":"https://ror.org/05dsfb086","country_code":null,"type":"facility","lineage":["https://openalex.org/I4401727010","https://openalex.org/I4577782","https://openalex.org/I7877124"]},{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Alexander Warnecke","raw_affiliation_strings":["Technische Universit\u00e4t Berlin, Berlin, Germany","The Berlin Institute for the Foundations of Learning and Data (BIFOLD), Berlin, Germany"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Berlin, Berlin, Germany","institution_ids":["https://openalex.org/I4577782"]},{"raw_affiliation_string":"The Berlin Institute for the Foundations of Learning and Data (BIFOLD), Berlin, Germany","institution_ids":["https://openalex.org/I4401727010"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072597369","display_name":"Fabio Pierazzi","orcid":"https://orcid.org/0000-0002-1254-1758"},"institutions":[{"id":"https://openalex.org/I183935753","display_name":"King's College London","ror":"https://ror.org/0220mzb33","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I183935753"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Fabio Pierazzi","raw_affiliation_strings":["King\u2019s College London, London, England, United Kingdom"],"affiliations":[{"raw_affiliation_string":"King\u2019s College London, London, England, United Kingdom","institution_ids":["https://openalex.org/I183935753"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040751355","display_name":"Christian Wressnegger","orcid":"https://orcid.org/0009-0007-1493-9552"},"institutions":[{"id":"https://openalex.org/I102335020","display_name":"Karlsruhe Institute of Technology","ror":"https://ror.org/04t3en479","country_code":"DE","type":"education","lineage":["https://openalex.org/I102335020","https://openalex.org/I1305996414"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Christian Wressnegger","raw_affiliation_strings":["KASTEL Security Research Labs, Karlsruhe, Germany","Karlsruhe Institute of Technology, Karlsruhe, Germany"],"affiliations":[{"raw_affiliation_string":"KASTEL Security Research Labs, Karlsruhe, Germany","institution_ids":[]},{"raw_affiliation_string":"Karlsruhe Institute of Technology, Karlsruhe, Germany","institution_ids":["https://openalex.org/I102335020"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036908366","display_name":"Lorenzo Cavallaro","orcid":"https://orcid.org/0000-0002-3878-2680"},"institutions":[{"id":"https://openalex.org/I45129253","display_name":"University College London","ror":"https://ror.org/02jx3x895","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I45129253"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Lorenzo Cavallaro","raw_affiliation_strings":["University College London, London, England, United Kingdom"],"affiliations":[{"raw_affiliation_string":"University College London, London, England, United Kingdom","institution_ids":["https://openalex.org/I45129253"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5066077721","display_name":"Konrad Rieck","orcid":"https://orcid.org/0000-0002-5054-8758"},"institutions":[{"id":"https://openalex.org/I4401727010","display_name":"Berlin Institute for the Foundations of Learning and Data","ror":"https://ror.org/05dsfb086","country_code":null,"type":"facility","lineage":["https://openalex.org/I4401727010","https://openalex.org/I4577782","https://openalex.org/I7877124"]},{"id":"https://openalex.org/I4577782","display_name":"Technische Universit\u00e4t Berlin","ror":"https://ror.org/03v4gjf40","country_code":"DE","type":"education","lineage":["https://openalex.org/I4577782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Konrad Rieck","raw_affiliation_strings":["Technische Universit\u00e4t Berlin, Berlin, Germany","The Berlin Institute for the Foundations of Learning and Data (BIFOLD), Berlin, Germany"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Berlin, Berlin, Germany","institution_ids":["https://openalex.org/I4577782"]},{"raw_affiliation_string":"The Berlin Institute for the Foundations of Learning and Data (BIFOLD), Berlin, Germany","institution_ids":["https://openalex.org/I4401727010"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5029169901"],"corresponding_institution_ids":["https://openalex.org/I4401727010","https://openalex.org/I4577782"],"apc_list":null,"apc_paid":null,"fwci":1.369,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.81952098,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":100},"biblio":{"volume":"67","issue":"11","first_page":"104","last_page":"112"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7683405876159668},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4571284353733063},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3676260709762573},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3591533899307251},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.34273865818977356}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7683405876159668},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4571284353733063},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3676260709762573},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3591533899307251},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.34273865818977356}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3643456","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3643456","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3643456","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"},{"id":"pmh:oai:eprints.ucl.ac.uk.OAI2:10212285","is_oa":true,"landing_page_url":"https://discovery.ucl.ac.uk/id/eprint/10212285/","pdf_url":"https://discovery.ucl.ac.uk/10212285/1/3643456.pdf","source":{"id":"https://openalex.org/S4306400024","display_name":"UCL Discovery (University College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I45129253","host_organization_name":"University College London","host_organization_lineage":["https://openalex.org/I45129253"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Communications of the ACM , 67  (11)   pp. 104-112.   (2024)","raw_type":"Article"}],"best_oa_location":{"id":"doi:10.1145/3643456","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3643456","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3643456","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4403760382.pdf"},"referenced_works_count":26,"referenced_works":["https://openalex.org/W9657784","https://openalex.org/W1463623766","https://openalex.org/W1563577331","https://openalex.org/W1787224781","https://openalex.org/W1985987493","https://openalex.org/W2018175892","https://openalex.org/W2026543586","https://openalex.org/W2100483895","https://openalex.org/W2120702739","https://openalex.org/W2122672392","https://openalex.org/W2153222072","https://openalex.org/W2156204309","https://openalex.org/W2158698691","https://openalex.org/W2182361439","https://openalex.org/W2407313496","https://openalex.org/W2595840341","https://openalex.org/W2599823825","https://openalex.org/W2781491433","https://openalex.org/W2884019276","https://openalex.org/W2891865791","https://openalex.org/W2963197901","https://openalex.org/W3015481738","https://openalex.org/W3101228802","https://openalex.org/W3103836116","https://openalex.org/W6784472380","https://openalex.org/W7047381192"],"related_works":["https://openalex.org/W2961085424","https://openalex.org/W4306674287","https://openalex.org/W3046775127","https://openalex.org/W3107602296","https://openalex.org/W4394896187","https://openalex.org/W3170094116","https://openalex.org/W4386462264","https://openalex.org/W4364306694","https://openalex.org/W4312192474","https://openalex.org/W4283697347"],"abstract_inverted_index":{"With":[0],"the":[1,9,98,119,130,152,155,174],"growing":[2],"processing":[3],"power":[4],"of":[5,12,36,103,111,154],"computing":[6],"systems":[7,72],"and":[8,49,69,78,101,149,189],"increasing":[10],"availability":[11],"massive":[13],"datasets,":[14],"machine":[15,56,185],"learning":[16,57,186],"algorithms":[17],"have":[18],"led":[19],"to":[20,62,146,167],"major":[21],"breakthroughs":[22],"in":[23,58,97,129,170,187],"many":[24],"different":[25],"areas.":[26],"This":[27],"development":[28],"has":[29],"influenced":[30],"computer":[31],"security,":[32],"spawning":[33],"a":[34,109,161],"series":[35],"work":[37],"on":[38],"learning-based":[39,71,104],"security":[40,59,76,105,116,132,156,188],"systems,":[41],"such":[42],"as":[43],"for":[44,75,192],"malware":[45],"detection,":[46],"vulnerability":[47],"discovery,":[48],"binary":[50],"code":[51],"analysis.":[52],"Despite":[53],"great":[54],"potential,":[55],"is":[60],"prone":[61],"subtle":[63],"pitfalls":[64,96,126,143,175],"that":[65,124],"undermine":[66],"its":[67],"performance":[68,148],"render":[70],"potentially":[73],"unsuitable":[74],"tasks":[77],"practical":[79],"deployment.":[80],"In":[81,134],"this":[82,87],"paper,":[83],"we":[84,93,138,163,179],"look":[85],"at":[86,158],"problem":[88,157],"with":[89],"critical":[90],"eyes.":[91],"First,":[92],"identify":[94,180],"common":[95],"design,":[99],"implementation,":[100],"evaluation":[102],"systems.":[106],"We":[107],"conduct":[108],"study":[110],"30":[112],"papers":[113],"from":[114],"top-tier":[115],"conferences":[117],"within":[118],"past":[120],"10":[121],"years,":[122],"confirming":[123],"these":[125],"are":[127],"widespread":[128],"current":[131],"literature.":[133],"an":[135],"empirical":[136],"analysis,":[137],"further":[139,193],"demonstrate":[140],"how":[141],"individual":[142],"can":[144],"lead":[145],"unrealistic":[147],"interpretations,":[150],"obstructing":[151],"understanding":[153],"hand.":[159],"As":[160],"remedy,":[162],"propose":[164],"actionable":[165],"recommendations":[166],"support":[168],"researchers":[169],"avoiding":[171],"or":[172],"mitigating":[173],"where":[176],"possible.":[177],"Furthermore,":[178],"open":[181],"problems":[182],"when":[183],"applying":[184],"provide":[190],"directions":[191],"research.":[194]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":1}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}