Dive deep into the world of machine learning-based monitoring for information security in this comprehensive Black Hat conference talk. Explore the strengths and limitations of various data analysis and machine learning techniques applied to cybersecurity. Examine unfulfilled promises of deterministic and exploratory analysis, and learn how to avoid repeating past mistakes. Discover the presenter's latest research findings, including interesting results obtained since Black Hat USA 2013, and gain insights into potential improvements for applying machine learning in incident detection and response. Understand the challenges of anomaly detection, classification, and user behavior analysis in cybersecurity contexts. Evaluate the effectiveness of machine learning solutions against data tampering and false positives. Get practical advice for selecting and implementing machine learning-based security tools through a buyer's guide and exploration of the MLSec Project.
Secure Because Math - A Deep-Dive on Machine Learning-Based Monitoring
Overview
Syllabus
Intro
whoami
Security Singularity Approaches
Guess the Year!
A little history
Three Letter Acronyms - KDD
Trolling, maybe?
Not here to bash academia
A Probable Outcome
ML Marketing Patterns
Anomaly Detection
AD: Curse of Dimensionality
A practical example
A MORE practical example
Breaking the Curse
AD: Normality-poisoning attacks
AD: Hanlon's Razor
What about User Behavior?
Classification!
Lots of Malware Activity
Everyone makes mistakes!
What about the Ground Truth?
But what about data tampering?
And what about false positives?
Buyer's Guide
MLSec Project
Taught by
Black Hat
