Deep Dive Into Deep Learning
Greg Iddon
Senior Product Manager
April 2018

The Threat Landscape Has Shifted
Exploits: Most organizations have no exploit prevention^
Advanced Threats: 83% agree it has become more difficult to stop threats^
Ransomware: 54% of organizations hit, twice on average in 2017^
^Source: The State of Endpoint Security Today Survey
[Chart, source SophosLabs. Values shown: 26%, 20%, 20%, 12%, 12%, 8%. Categories shown: Advanced Malware, Ransomware, Email Malware, Web Malware, Generic Malware, Cryptocurrency.]

Vulnerabilities Waiting to Be Exploited
Software Vulnerabilities Reported by Year
Source information: NIST National Vulnerability Database as of 6th January 2018, https://nvd.nist.gov/vuln/search/statistics
[Chart: years 2010 to 2018. Values shown: 4,639; 4,150; 5,288; 5,187; 7,937; 6,487; 6,447; 14,643; 5,456; 16,368.]

The Age of Single-Use / Unseen Malware
75%: 75% of the malicious files SophosLabs detects are found only within a single organization.
400,000: SophosLabs receives and processes 400,000 previously unseen malware samples each day.

“Recognize Dog Deep Learning Training Set” - https://github.com/yskmt/dog_recognition

[Diagram: Artificial Intelligence contains Machine Learning, which contains: K-Means; Hidden Markov; Nearest Neighbor; Clustering, Statistical distribution; Deep Learning; Decision Trees]

A Simple Algorithm
[Chart: Height (cm), 70 to 160, against Age (years), 1 to 12]
y = 6.8242x + 70.653

Machine Learning vs Signatures
• Machine learning’s job is to place the blue line in the best place possible
• Human analysts do the same thing (e.g. defining that if file size > 2000000 and compression level > 0.5, it’s malware)
[Chart: Compression Level, 0 to 1.2, against File Size, 0 to 3000000]

Overfitting
• Limited data when training a model can result in overfitting
• False Positives are hard to avoid with generic machine learning algorithms
[Chart: Compression Level, 0 to 1.2, against File Size, 0 to 3000000]

Adding dimensions: A classifier in three dimensions
• The blue plane is the machine learning model, defined by a simple equation
• Humans can still write a rule that expresses the same basic idea (e.g. if file size > 2000000 and compression level > 0.5 and number of strings > 1000, it’s malware)
[Chart: three-dimensional plot, one axis labelled File size]

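
The comparison made on the Machine Learning vs Signatures, Overfitting and Adding dimensions slides, as an added example that is not part of the original deck. It uses the thresholds quoted on the slides; every sample value, the SCALE ranges and all function names are constructed for illustration, and the perceptron and nearest-neighbour models are simple stand-ins, not the models the deck describes.

```python
# Added illustration. Samples are constructed, not real telemetry.
# Each sample: ((file_size_bytes, compression_level, string_count), label); 1 = malware.
SAMPLES = [
    ((500_000, 0.20, 300), 0), ((1_000_000, 0.30, 450), 0),
    ((800_000, 0.60, 200), 0), ((1_500_000, 0.40, 900), 0),
    ((2_500_000, 0.20, 1_500), 0), ((2_200_000, 0.30, 700), 0),
    ((2_200_000, 0.80, 1_400), 1), ((2_600_000, 0.70, 2_100), 1),
    ((2_800_000, 0.90, 1_800), 1), ((1_800_000, 0.90, 1_200), 1),
    ((2_400_000, 0.60, 1_100), 1), ((1_600_000, 0.95, 1_600), 1),
]
RULE_THRESHOLDS = (2_000_000, 0.5, 1_000)  # thresholds quoted on the slides
SCALE = (3_000_000, 1.0, 3_000)            # assumed feature ranges for normalising
LIMITED = [SAMPLES[i] for i in (0, 1, 7, 10)]          # "limited data" training set
HELD_OUT = [s for s in SAMPLES if s not in LIMITED]    # files the model never saw


def scaled(feats, dims):
    """Normalise the first `dims` features to roughly 0..1."""
    return [feats[i] / SCALE[i] for i in range(dims)]


def analyst_rule(feats, dims):
    """Hand-written signature: every feature must exceed its threshold."""
    return int(all(feats[i] > RULE_THRESHOLDS[i] for i in range(dims)))


def linear_predict(w, feats, dims):
    """Which side of the line (dims=2) or plane (dims=3) the file falls on."""
    x = scaled(feats, dims) + [1.0]          # trailing 1.0 carries the bias term
    return int(sum(wi * xi for wi, xi in zip(w, x)) > 0)


def train_linear(samples, dims, max_epochs=1000):
    """Perceptron: move the boundary after each mistake until none remain."""
    w = [0.0] * (dims + 1)
    for _ in range(max_epochs):
        mistakes = 0
        for feats, label in samples:
            if linear_predict(w, feats, dims) != label:
                step = 1 if label else -1
                x = scaled(feats, dims) + [1.0]
                w = [wi + step * xi for wi, xi in zip(w, x)]
                mistakes += 1
        if mistakes == 0:
            break
    return w


def nearest_neighbour_predict(train, feats, dims):
    """Memoriser: copy the label of the closest training sample."""
    x = scaled(feats, dims)

    def dist2(sample):
        return sum((a - b) ** 2 for a, b in zip(scaled(sample[0], dims), x))

    return min(train, key=dist2)[1]


def evaluate(predict, samples):
    """Return (accuracy, false_positives, false_negatives)."""
    fp = sum(1 for f, y in samples if y == 0 and predict(f) == 1)
    fn = sum(1 for f, y in samples if y == 1 and predict(f) == 0)
    return (len(samples) - fp - fn) / len(samples), fp, fn


def compare(dims):
    """Analyst rule versus learned boundary on the full constructed set."""
    w = train_linear(SAMPLES, dims)
    return {
        "rule": evaluate(lambda f: analyst_rule(f, dims), SAMPLES),
        "learned": evaluate(lambda f: linear_predict(w, f, dims), SAMPLES),
    }


def overfit_demo(dims=2):
    """Memoriser trained on four files: scored on those files, then on unseen ones."""
    def memo(f):
        return nearest_neighbour_predict(LIMITED, f, dims)
    return {"train": evaluate(memo, LIMITED), "held_out": evaluate(memo, HELD_OUT)}


if __name__ == "__main__":
    for dims in (2, 3):
        print(f"{dims} features:", compare(dims))
    print("memoriser on limited data:", overfit_demo())
```

The fixed thresholds miss the two constructed malware samples smaller than 2000000 bytes, while the learned boundary separates the whole set. The memoriser is perfect on its four training files and flags two of the four unseen benign files, which is the false-positive cost of overfitting the slide describes.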
[Diagram: the same machine learning methods (K-Means; Hidden Markov; Nearest Neighbor; Clustering, Statistical distribution; Deep Learning; Decision Trees) arranged under Supervised and Unsupervised]

“Deep Neural Networks are the top performing classifiers, highlighting the added value of Deep Neural Networks over other more conventional methods. Moreover, [Deep Neural Networks] performed significantly better at almost one standard deviation higher than the mean performance.”
Beyond the hype: deep neural networks outperform established methods using a ChEMBL bioactivity benchmark set
Eelke B. Lenselink, Niels ten Dijke, Brandon Bongers, George Papadatos, Herman W. T. van Vlijmen, Wojtek Kowalczyk, Adriaan P. IJzerman and Gerard J. P. van Westen

Machine Learning vs. Deep Learning
DEEP LEARNING: Interconnected Layers of Neurons, Each Identifying More Complex Features
MACHINE LEARNING: Decision Tree, Random Forest
[Diagrams: each model drawn between INPUT and OUTPUT]

Deep Learning Neural Network
Faster
o DL detections in 20-100 milliseconds per file
o Traditional ML 100-500 milliseconds per file
Smaller
o Deep learning models are about 10-20 MB
o Traditional ML models can get huge: 500 MB-10 GB
Smarter
o Deep learning provides proven higher detection rates that improve with more data
o Traditional ML has lower detection rates and diminishing returns with more data

Deep Learning Neural Networks
DEEP LEARNING: Interconnected Layers of Neurons, Each Identifying More Complex Features
[Diagram: network drawn between INPUT and OUTPUT, with nodes numbered 1 to 10]
Inside The Neurons

Unprecedented Synergies of Man and Machine
LABS: Source 100s of millions of samples for the best possible predictions
LABS: Use established Labs systems and processes to ensure labeling precision
DATA SCIENCE: Create the most efficient algorithms for solving hard cybersecurity problems
DATA SCIENCE + LABS: Continuously incorporate feedback to improve system accuracy and predictive power
Only Sophos has this critical combination of Labs Research and Data Science
For the first time ever, we can memorize the entire observable threat universe.

Sophos XG Firewall
Sandstorm
Deep Dive Into Deep Learning : How AI is Powering the Future of Endpoint Security
