Bobby Filar

Bobby FilarPersonal site of Bobby Filar — Head of AI at Sublime Security. Research on agentic systems, LLM evaluation, adversarial ML, and AI governance.https://bfilar.github.io/[Publication] Evaluating LLM Generated Detection Rules in Cybersecurityhttps://bfilar.github.io/publications/evaluating-llm-detection-rules/https://bfilar.github.io/publications/evaluating-llm-detection-rules/An open-source evaluation framework and three benchmark metrics for measuring LLM-generated cybersecurity detection rules.Sat, 20 Sep 2025 00:00:00 GMT[Publication] RWArmor: A Static-Informed Dynamic Analysis Approach for Early Detection of Cryptographic Windows Ransomwarehttps://bfilar.github.io/publications/rwarmor/https://bfilar.github.io/publications/rwarmor/Combining static features with dynamic-analysis signals to detect cryptographic ransomware early in the encryption lifecycle.Fri, 01 Sep 2023 00:00:00 GMT[Publication] Classifying Sequences of Extreme Length with Constant Memory Applied to Malware Detectionhttps://bfilar.github.io/publications/extreme-length-malware/https://bfilar.github.io/publications/extreme-length-malware/A constant-memory architecture for classifying sequences of arbitrary length, applied to whole-binary malware detection.Tue, 18 May 2021 00:00:00 GMT[Publication] Getting Passive Aggressive About False Positives: Patching Deployed Malware Detectorshttps://bfilar.github.io/publications/passive-aggressive/https://bfilar.github.io/publications/passive-aggressive/An online-learning approach for patching deployed malware classifiers when new false positives surface in production.Tue, 17 Nov 2020 00:00:00 GMT[Publication] Automatic YARA Rule Generation Using Biclusteringhttps://bfilar.github.io/publications/autoyara/https://bfilar.github.io/publications/autoyara/An automated approach to generating high-quality YARA detection rules using biclustering over malware feature space.Fri, 13 Nov 2020 00:00:00 GMT[Publication] ProblemChild: Discovering Anomalous Patterns based on Parent-Child Process Relationshipshttps://bfilar.github.io/publications/problemchild/https://bfilar.github.io/publications/problemchild/A graph-based approach to identifying anomalous process lineage on enterprise endpoints.Tue, 11 Aug 2020 00:00:00 GMT[Publication] The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigationhttps://bfilar.github.io/publications/malicious-use-ai/https://bfilar.github.io/publications/malicious-use-ai/Foundational report co-authored with researchers from FHI, OpenAI, CSER, EFF, and CNAS on the misuse risks of advanced AI.Tue, 20 Feb 2018 00:00:00 GMT[Publication] Learning to Evade Static PE Machine Learning Malware Models via Reinforcement Learninghttps://bfilar.github.io/publications/malware-rl-evasion/https://bfilar.github.io/publications/malware-rl-evasion/An RL agent that learns to make non-breaking modifications to malicious PE binaries to evade static ML-based malware classifiers.Fri, 26 Jan 2018 00:00:00 GMT[Publication] Ask Me Anything: A Conversational Interface to Augment Information Security Workershttps://bfilar.github.io/publications/ask-me-anything/https://bfilar.github.io/publications/ask-me-anything/An early natural-language interface for security analysts — a precursor to today's agent-based SOC tooling.Wed, 12 Jul 2017 00:00:00 GMT[Publication] DeepDGA: Adversarially-Tuned Domain Generation and Detectionhttps://bfilar.github.io/publications/deepdga/https://bfilar.github.io/publications/deepdga/A GAN-style approach to generating adversarial domain names that evade DGA classifiers — and using the same setup to train a more robust detector.Fri, 28 Oct 2016 00:00:00 GMT