Overview
Syllabus
Intro
UMBO Advanced Persistent Threats - Long & Multi-step Process - Different vulnerabilities exploited - APT37 (REAPER)
UMBO AI for Cybersecurity: TLDR Version - Most IDS systems are point-based & driven by known signatures - Our system maps multiple traditional and novel sensors to a common ontology
Detecting Intrusions using Policies, Context, and Reasoning: 1. Detect potential new vulnerabilities from (Dark) Web descriptions, blogs, tweets, and discussions, extract information and map to
UMBO What does that mean? Deductive Reasoning: Can you represent "rules" in an Analyst's brain, and reason over them with facts? - Background knowledge/Intelligence - New vulnerabilities have been discovered in software. Household machines with DHCP addresses
Why can't we use an NLP toolkit out of the box?
Tracking vulnerability inheritance during development - Software supply chain attacks!
Multi-lingual Threat Intelligence
Taught by
CAE in Cybersecurity Community