Explore a machine learning approach to network defense in this Black Hat USA 2013 conference talk. Delve into the challenges of effective security monitoring and incident detection amidst a shortage of skilled professionals. Discover how machine learning can be leveraged to automatically prioritize and classify potential events and attacks. Learn about a free-to-use web service that utilizes OSINT and knowledge of Internet spatial distribution to generate a fluid, constantly updated classifier for pinpointing areas of interest in network traffic logs. Gain insights into correlation rules, various applications of machine learning in security, data gathering considerations, and model intuition including proximity and temporal decay. Understand the process of data collection, feature calculation, and the role of the Hilbert Curve in this innovative approach to defending networks with incomplete information.
Defending Networks with Incomplete Information - A Machine Learning Approach
Overview
Syllabus
Intro
Correlation Rules: a Primer
Enter Machine Learning
Applications of Machine Learning
Security Applications of.ML
Kinds of Machine Learning.
Considerations on Data Gathering
Model: Data Collection
Model Intuition: Proximity
Model Intuition: Temporal Decay
Model: Calculate Features
Model: Example Feature (1)
Remember the Hilbert Curve?
Taught by
Black Hat
