MACHINE
LEARNING AND
CYBERSECURITY
AUGUST 24th, 2017
Based on the work of Cristina
Vatamanu @BitDefender
SRAVAN ANKARAJU
FOUNDER & CEO
DIVERGENCE ACADEMY
Can Machine Learning Help Organizations
Improve Data Security?
YES. BUT HOW SO?
• Models based on Machine Learning are more robust.
• Machine Learning has become a more proactive defense against
malware
• Most threats are file-based. Machine Learning models are designed
for static analysis. ML integrated into the file-scanning protection
layer is a proactive solution.
• In the past, signature-based threat detection was easy to bypass with
some minor changes
• It gives the bad guys headaches.
HOW SO?
File scanning protection layer is
just one layer
Are there limitations to Machine
Learning?
LIMITATION #1 – TECHNOLOGY
ITSELF
Balance of three dimensions: Detection Rate, Number of False
Positives, Performance Impact
1. NUMBER OF FALSE POSITIVES
• If you make algorithms too generic, they will be prone to False Positives
• If you restrict them, they will cause False Negatives
2. DETECTION RATE
• Tuning becomes important
• This technology has to be backed up by other technologies such as
Whitelisting or other detection methods
3. PERFORMANCE IMPACT
• If you have to be proactive, then you have to use complex models
• Complex models will lead to a performance impact
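The false-positive versus detection-rate trade-off from this slide, as an added example that is not part of the original deck: a threshold sweep over a constructed validation set, with an allowlist as the backing technology. The scores, file ids and function names are assumptions made for illustration, and performance impact is not modelled.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Sample:
    file_id: str     # constructed id standing in for a file hash
    score: float     # classifier's maliciousness score, 0.0 to 1.0
    malicious: bool  # ground-truth label from the validation set


def build(prefix, scores, malicious):
    """Create labelled samples with ids like b01, b02, ... (constructed data)."""
    return [Sample(f"{prefix}{i:02d}", s, malicious)
            for i, s in enumerate(scores, start=1)]


# Constructed validation set. b09 and b10 are benign files that look
# suspicious to a static model (say, a packed installer and an admin tool).
SAMPLES = (
    build("b", [0.02, 0.05, 0.08, 0.10, 0.15, 0.20, 0.30, 0.35, 0.62, 0.81], False)
    + build("m", [0.25, 0.40, 0.55, 0.70, 0.75, 0.85, 0.90, 0.93, 0.97, 0.99], True)
)
# Hypothetical allowlist of verified known-good files.
ALLOWLIST = frozenset({"b09", "b10"})


def evaluate(samples, threshold, allowlist=frozenset()):
    """Return (detection_rate, false_positive_rate) at one threshold.

    A file is flagged when its score reaches the threshold and it is not
    allowlisted. An allowlisted malicious file therefore counts as a miss,
    which is why allowlist entries must be verified before they are added.
    """
    tp = fp = fn = tn = 0
    for s in samples:
        flagged = s.score >= threshold and s.file_id not in allowlist
        if s.malicious:
            tp += flagged
            fn += not flagged
        else:
            fp += flagged
            tn += not flagged
    return tp / max(tp + fn, 1), fp / max(fp + tn, 1)


def sweep(samples, thresholds, allowlist=frozenset()):
    """Evaluate several thresholds; returns [(threshold, dr, fpr), ...]."""
    return [(t, *evaluate(samples, t, allowlist)) for t in thresholds]


def pick_threshold(samples, max_fp_rate, allowlist=frozenset()):
    """Lowest threshold whose false-positive rate fits the budget.

    Both rates can only fall as the threshold rises, so the lowest
    threshold inside the budget is also the one with the best detection
    rate. math.inf (flag nothing) guarantees that a result exists.
    """
    candidates = sorted({s.score for s in samples}) + [math.inf]
    for t in candidates:
        dr, fpr = evaluate(samples, t, allowlist)
        if fpr <= max_fp_rate:
            return t, dr, fpr


if __name__ == "__main__":
    print("threshold  detection  false-pos")
    for t, dr, fpr in sweep(SAMPLES, [0.2, 0.4, 0.6, 0.8, 0.9]):
        print(f"{t:9.2f}  {dr:9.0%}  {fpr:9.0%}")
    # Too generic -> false positives; too restrictive -> false negatives.
    print("zero-FP budget, model alone:   ", pick_threshold(SAMPLES, 0.0))
    print("zero-FP budget, with allowlist:", pick_threshold(SAMPLES, 0.0, ALLOWLIST))
```

On this constructed data the model alone must give up half of its detections to reach zero false positives, while the allowlist lets the threshold drop and keeps nine of ten.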
LIMITATION #2 – TYPE OF ATTACKS
THAT A PROTECTION LAYER CAN
HANDLE
• Some attacks bypass the file-scanning protection layer
• You need models that, for example, scan memory pages, ones
that can intercept the vulnerabilities that are being exploited
What about Machine Learning in
Advanced Persistent Threats?
USE OF ML IN APT
• Advanced Persistent Threats are more discreet
• The guys in such an attack have more knowledge about their
victims
• They know what security solution is in the enterprise’s network
• They will never send a file that can be detected by the security solution
• If a security solution has multiple layers of protection, e.g. one
based on Dynamic Behavior, Correlating Events from the Company’s
network
Is Machine Learning the CURE for all
security issues?
PURPOSE OF MACHINE LEARNING
• Machine Learning is a
Detection Tool
• Machine Learning
cannot be a protection
layer by itself
• Machine Learning can
augment the value of
protection layer
CRITERIA TO EVALUATE SECURITY
SOLUTIONS
1. What are the protection layers?
2. Are there Spam Filters, and
Anti-Phishing Filters?
3. Is there a Protection layer designed
for File Scanning or Memory Page
Scanning?
4. Are there techniques in the solution
built on Dynamic Behaviors, and
Network Anomalies?
5. Is Machine Learning being used in
any of the layers?
• All of these have to work together to
protect against different types of threats
ATTACKS ARE GETTING MORE
SOPHISTICATED
• Distributed Denial of Service (DDoS)
• Ransomware Attacks
• Insiders
• Somebody pretending to be insiders
• BYOD leads you to new challenges
• Outsource Tier-1 and Tier-2 Engagements??
• Information Assurance
DIVERGENCE ACADEMY PARTNERED WITH
SORTING A KICK OFF
SORTING B STARTS
40 HOURS A WEEK
EXTENDED A+B TOGETHER ALL
THE WAY UNTIL THE END OF A
A FINISHED, B
CONTINUES
UNTIL THE END
09/25/17 10/30/17 11/06/17 01/24/17
FUNDING OPTIONS
• Skills.fund - https://divergence.skills.fund. 36 or 60 month
loans. Living Expenses of $1500/month for three months also
available for out-of-state students.
• Workforce Innovation Opportunity Act (WIOA) funds
• Divergence Academy Tuition Installment (TADS) - 9 month
installment – 50% in the first 4 months, rest in 5 months.
JOIN TODAY TO BE THE NEXT CYBER PROFESSIONAL
