This document discusses machine learning approaches for cyber security, specifically malware detection. It begins with an introduction to cyber security and machine learning. It then discusses using machine learning for malware detection, including analyzing files through static and dynamic analysis. The document outlines extracting features from files and using text categorization approaches. It evaluates various machine learning classifiers and features for malware detection. Finally, it discusses applying these techniques on Android devices for abnormal state detection.
This deck is from Interpol Conference 2017, these slides shows the holistic view of machine learning in cyber security for better organization readiness
A technical seminar delivered on Machine learning in cybersecurity. Machine learning is trending and desired subject this presentation demonstrates how machine learning can be used to protect IT infrastructure
How is ai important to the future of cyber security Robert Smith
Today’s era is driven by technology in every aspect of our lives, so much that we’ve now increased our dependence on technology on a daily basis. With an increase in the dependency, we’re now very vulnerable and exposed to the intermittent threat posed as cyber-attacks. Cyber-attack threats have plagued businesses, corporates, governments, and institutions.
For Reference watch my YouTube Video - https://youtu.be/NqvNFwa0hQc
Hey Everyone!
This is my complete talk in a virtual conference for cybersecurity researchers that has been hosted by Bsides Maharashtra and thanks to them that they provided me an opportunity to share my thoughts and knowledge with passionate and budding cybersecurity researchers, Hackers, Bug Hunters, and geeks. My talk is all about the detailed explanation of AI in Cyber Security and this should be listened to by every Cyber Sec Person who wants to learn about How AI Can Help In Cyber Security. I have explained the most and every basic to advance information. So do give it a look and understand the concepts and share as much as you can. Thank you Bsides Maharashtra for inviting me. I am happy and excited to be a part of your event.
If you want to invite me for a webinar or conference connect
mail: hello@priyanshuratnakar.com or priyanshuratnakar@protonmail.com
vent details
Date - 25th to 27th November 2020
CTF
Workshop
Speaker session
website - https://bsidesmaharashtra.com/
Security BSides is a community-driven framework for building events by and for information security community members. These events are already happening in major cities all over the world! We are responsible for organizing an independent BSides approved event for Delhi, India. We’re a volunteer organized event (we have no paid staff), and we truly strive to keep information accessible for everyone.
The idea behind the Security BSides Delhi is to organize an Information Security gathering where professionals, experts, researchers, and InfoSec enthusiasts come together to discuss. It creates opportunities for individuals to both presents and participates in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
Feel free to use the slide but give credit somewhere :)
This deck is from Interpol Conference 2017, these slides shows the holistic view of machine learning in cyber security for better organization readiness
A technical seminar delivered on Machine learning in cybersecurity. Machine learning is trending and desired subject this presentation demonstrates how machine learning can be used to protect IT infrastructure
How is ai important to the future of cyber security Robert Smith
Today’s era is driven by technology in every aspect of our lives, so much that we’ve now increased our dependence on technology on a daily basis. With an increase in the dependency, we’re now very vulnerable and exposed to the intermittent threat posed as cyber-attacks. Cyber-attack threats have plagued businesses, corporates, governments, and institutions.
For Reference watch my YouTube Video - https://youtu.be/NqvNFwa0hQc
Hey Everyone!
This is my complete talk in a virtual conference for cybersecurity researchers that has been hosted by Bsides Maharashtra and thanks to them that they provided me an opportunity to share my thoughts and knowledge with passionate and budding cybersecurity researchers, Hackers, Bug Hunters, and geeks. My talk is all about the detailed explanation of AI in Cyber Security and this should be listened to by every Cyber Sec Person who wants to learn about How AI Can Help In Cyber Security. I have explained the most and every basic to advance information. So do give it a look and understand the concepts and share as much as you can. Thank you Bsides Maharashtra for inviting me. I am happy and excited to be a part of your event.
If you want to invite me for a webinar or conference connect
mail: hello@priyanshuratnakar.com or priyanshuratnakar@protonmail.com
vent details
Date - 25th to 27th November 2020
CTF
Workshop
Speaker session
website - https://bsidesmaharashtra.com/
Security BSides is a community-driven framework for building events by and for information security community members. These events are already happening in major cities all over the world! We are responsible for organizing an independent BSides approved event for Delhi, India. We’re a volunteer organized event (we have no paid staff), and we truly strive to keep information accessible for everyone.
The idea behind the Security BSides Delhi is to organize an Information Security gathering where professionals, experts, researchers, and InfoSec enthusiasts come together to discuss. It creates opportunities for individuals to both presents and participates in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
Feel free to use the slide but give credit somewhere :)
With the increasingly connected world revolving around the revolution of internet and new technologies like mobiles, smartphones, and tablets, and with the wide usage of wireless technologies, the information security risks have increased. Both individuals and organizations are under regular attacks for commercial or non-commercial gains. The objectives of such attacks may be to take revenge, malign the reputation of a competitor organization, understand the strategies and sensitive information about the competitor, simply have fun of exploiting the vulnerabilities. Hence, the need to protect information assets and ensure information security receives adequate attention.
In this session, I will discuss how AI and Machine Learning can be applied in detecting, predicting and preventing cyber security/information security vulnerabilities and what are the benefits of using Machine Learning and AI. We also touch upon some of the tools available to perform the same.
I was invited to present a talk on "Artificial Intelligence for Cyber Security" for #GirlsInAIHack2021 by #TeenInAIFiji. It was my honor to be there and share my words with the participants and I wish all the participants the best wishes.
Girls from 25 counties aged 12-18 had participated in this Hackathon. They were using Hot Technologies like AI and ML to fight world problems to make good. The event was started on #InternationalWomensDay2021. Total of 1000 participations
500+ Mentors & Organizers
120+ International Speakers were part of it
You can watch it here - https://youtu.be/rhWyt68yuI0
If you want to invite me for a webinar or conference connect
mail: hello@priyanshuratnakar.com or priyanshuratnakar@protonmail.com
You can use the slides but give credit somewhere
Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together Sqrrl
This presentation explains how security teams can leverage hunting and analytics to detect advanced threats faster, more reliably, and with common analyst skill sets. Watch the presentation with audio here: http://info.sqrrl.com/threat-hunting-and-ueba-webinar
Using Machine Learning in Networks Intrusion Detection SystemsOmar Shaya
The internet and different computing devices from desktop computers to smartphones have raised many security and privacy concerns, and the need to automate systems that detect attacks on these networks has emerged in order to be able to protect these networks with scale. And while traditional intrusion detection methods may be able to detect previously known attacks, the issue of dealing with new unknown attacks arises and that brings machine learning as a strong candidate to solve these challenges.
In this report, we investigate the use of machine learning in detecting network attacks, intrusion detection, by looking at work that has been done in this field. Particularly we look at the work that has been done by Pasocal et al.
How Machine Learning & AI Will Improve Cyber SecurityDevOps.com
Machine Learning (ML) and Artificial Intelligence (AI) have been proclaimed as perhaps the next great leap in human quality of life, as well as a potential reason for our extinction. Somewhere in between lies how ML & AI can potentially improve our Cyber Security efforts. But are ML & AI a true panacea or merely the next shiny trinket for the cyber industry to fixate on? In this webinar we will explore:
How ML & AI are currently being utilized in cyber security efforts.
What is working and what has not worked
What is on the both the short term and near-term horizon for ML &AI
Practical steps you can take now to begin leveraging these technologies to tangibly improve your cyber security posture
Join our panel of industry experts as we explore this brave new frontier in cyber security with a candid look cutting through the hype.
“AI techniques in cyber-security applications”. Flammini lnu susec19Francesco Flammini
▪ “AI techniques in cyber-security applications”. Invited speech at “Sunetdagarna våren 2019” (conference of the association of Swedish universities), April 1-4 2019, Växjö, Sweden.
Can we use data to train Machine Learning models, perform statistical analysis, yet without putting private data on risk? There are tools and techniques such as Federated Learning, Differential Privacy or Homomorphic Encryption enabling safer work on the data.
With the growth of computer networking, electronic commerce and web services, security networking systems have become very important to protect infomation and networks againts malicious usage or attacks. In this report, it is designed an Intrusion Detection System using two artificial neural networks: one for Intrusion Detection and the another for Attack Classification.
Cyber Threat Intelligence - It's not just about the feedsIain Dickson
Presented at BSides Perth 2019
Synopsis:
Although the practice of collecting and using intelligence has been studied and conducted by governments and the military for centuries, it’s relative application to Cyber Security has only recently been highlighted. This area of infosec has been termed Cyber Threat Intelligence, where the marriage of traditional intelligence techniques and analysis with deep technical understanding within the Cyber domain are used to predict future actions by threats through long term analysis and modelling. This approach is then used to support both proactive and reactive cyber security actions, from incident response to penetration testing. This presentation focuses on threat intelligence from a practical data perspective, moving away from just the commercial concept of threat intelligence feeds (although these form one part of the equation). This presentation will approach threat intelligence from an analysts perspective of what questions needs to be answered to effectively investigate an incident, using the Diamond Model and Cyber Kill Chain as framing devices. These questions will then lead to examples of the data that can be used to answer these questions. Although traditionally data collection has focused on external cyber information, more often than not however, it’s actions outside of those seen within an organisations network, or even outside cyberspace that can provide context to the actions a threat takes. Finally, we provide a number of use cases on which the results of threat intelligence processes can be applied within a Security Operations Centre, including Incident Response as well as traditional Penetration Testing and Red Teaming.
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?SahilRao25
Let's take a look at implementations of AI or machine learning in the cybersecurity world. To know more: https://www.softwarefirms.co/blog/ai-and-machine-learning-in-cybersecurity-a-saviour-or-enemy?utm_source=Social+media&utm_medium=Traffic&utm_campaign=SR
Machine learning is a type of artificial intelligence (AI) that provides computers with the ability to learn without being explicitly programmed. Machine learning focuses on the development of computer programs that can teach themselves to grow and change when exposed to new data.
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?PECB
Generative AI offers great opportunities for innovation in various industries. Hence, by adopting ISO/IEC 27032, you can enhance your cybersecurity resilience and efficiently address the risks associated with generative AI.
Amongst others, the webinar covers:
• AI & Privacy
• Generative AI, Models & Cybersecurity
• AI & ISO/IEC 27032
Presenters:
Christian Grafenauer
Anonymization expert, privacy engineer, data protection officer, LegalTech researcher (GDPR, Blockchain, AI) Christian Grafenauer is an accomplished privacy engineer, anonymization expert, and computer science specialist, currently serving as the project lead for anonymity assessments at techgdpr. With an extensive background as a senior architect in Blockchain for IBM and years of research in the field since 2013, Christian co-founded privacy by Blockchain design to explore the potential of Blockchain technology in revolutionizing privacy and internet infrastructure. As a dedicated advocate for integrating legal and computer science disciplines, Christian’s expertise in anonymization and GDPR compliance enables innovative AI applications, ensuring a seamless fusion of technology and governance, particularly in the realm of smart contracts. In his role at techgdpr, he supports technical compliance, Blockchain, and AI initiatives, along with anonymity assessments. Christian also represents consumer interests as a member of the national Blockchain and DTL standardization committee at din (German standardization institute) in ISO/TC 307.
Akin Johnson
Akin J. Johnson is a renowned Cybersecurity Expert, known for his expertise in protecting digital systems from potential threats. With over a decade of experience in the field, Akin has developed a deep understanding of the ever-evolving cyber landscape.
Akin is an advocate for cybersecurity awareness and frequently shares his knowledge through speaking engagements, workshops, and publications. He firmly believes in the importance of educating individuals and organizations on the best practices for safeguarding their digital assets.
Lucas Falivene
Lucas is a highly experienced cybersecurity professional with a solid base in business, information systems, information security, and cybersecurity policy-making. A former Fulbright scholar with a Master of Science degree in Information Security Policy and Management at Carnegie Mellon University (Highest distinction) and a Master's degree in Information Security at the University of Buenos Aires (Class rank 1st). Lucas has participated in several trainings conducted by the FBI, INTERPOL, OAS, and SEI/CERT as well as in the development of 4 cyber ISO national standards.
Date: July 26, 2023
YouTube Link: https://youtu.be/QPDcROniUcc
AI Cybersecurity: Pros & Cons. AI is reshaping cybersecurityTasnim Alasali
Discover how AI is reshaping cybersecurity. This presentation delves into AI's role in enhancing threat detection, the balance of innovation and risk, and the strategies shaping the future of digital defense.
With the increasingly connected world revolving around the revolution of internet and new technologies like mobiles, smartphones, and tablets, and with the wide usage of wireless technologies, the information security risks have increased. Both individuals and organizations are under regular attacks for commercial or non-commercial gains. The objectives of such attacks may be to take revenge, malign the reputation of a competitor organization, understand the strategies and sensitive information about the competitor, simply have fun of exploiting the vulnerabilities. Hence, the need to protect information assets and ensure information security receives adequate attention.
In this session, I will discuss how AI and Machine Learning can be applied in detecting, predicting and preventing cyber security/information security vulnerabilities and what are the benefits of using Machine Learning and AI. We also touch upon some of the tools available to perform the same.
I was invited to present a talk on "Artificial Intelligence for Cyber Security" for #GirlsInAIHack2021 by #TeenInAIFiji. It was my honor to be there and share my words with the participants and I wish all the participants the best wishes.
Girls from 25 counties aged 12-18 had participated in this Hackathon. They were using Hot Technologies like AI and ML to fight world problems to make good. The event was started on #InternationalWomensDay2021. Total of 1000 participations
500+ Mentors & Organizers
120+ International Speakers were part of it
You can watch it here - https://youtu.be/rhWyt68yuI0
If you want to invite me for a webinar or conference connect
mail: hello@priyanshuratnakar.com or priyanshuratnakar@protonmail.com
You can use the slides but give credit somewhere
Threat Hunting vs. UEBA: Similarities, Differences, and How They Work Together Sqrrl
This presentation explains how security teams can leverage hunting and analytics to detect advanced threats faster, more reliably, and with common analyst skill sets. Watch the presentation with audio here: http://info.sqrrl.com/threat-hunting-and-ueba-webinar
Using Machine Learning in Networks Intrusion Detection SystemsOmar Shaya
The internet and different computing devices from desktop computers to smartphones have raised many security and privacy concerns, and the need to automate systems that detect attacks on these networks has emerged in order to be able to protect these networks with scale. And while traditional intrusion detection methods may be able to detect previously known attacks, the issue of dealing with new unknown attacks arises and that brings machine learning as a strong candidate to solve these challenges.
In this report, we investigate the use of machine learning in detecting network attacks, intrusion detection, by looking at work that has been done in this field. Particularly we look at the work that has been done by Pasocal et al.
How Machine Learning & AI Will Improve Cyber SecurityDevOps.com
Machine Learning (ML) and Artificial Intelligence (AI) have been proclaimed as perhaps the next great leap in human quality of life, as well as a potential reason for our extinction. Somewhere in between lies how ML & AI can potentially improve our Cyber Security efforts. But are ML & AI a true panacea or merely the next shiny trinket for the cyber industry to fixate on? In this webinar we will explore:
How ML & AI are currently being utilized in cyber security efforts.
What is working and what has not worked
What is on the both the short term and near-term horizon for ML &AI
Practical steps you can take now to begin leveraging these technologies to tangibly improve your cyber security posture
Join our panel of industry experts as we explore this brave new frontier in cyber security with a candid look cutting through the hype.
“AI techniques in cyber-security applications”. Flammini lnu susec19Francesco Flammini
▪ “AI techniques in cyber-security applications”. Invited speech at “Sunetdagarna våren 2019” (conference of the association of Swedish universities), April 1-4 2019, Växjö, Sweden.
Can we use data to train Machine Learning models, perform statistical analysis, yet without putting private data on risk? There are tools and techniques such as Federated Learning, Differential Privacy or Homomorphic Encryption enabling safer work on the data.
With the growth of computer networking, electronic commerce and web services, security networking systems have become very important to protect infomation and networks againts malicious usage or attacks. In this report, it is designed an Intrusion Detection System using two artificial neural networks: one for Intrusion Detection and the another for Attack Classification.
Cyber Threat Intelligence - It's not just about the feedsIain Dickson
Presented at BSides Perth 2019
Synopsis:
Although the practice of collecting and using intelligence has been studied and conducted by governments and the military for centuries, it’s relative application to Cyber Security has only recently been highlighted. This area of infosec has been termed Cyber Threat Intelligence, where the marriage of traditional intelligence techniques and analysis with deep technical understanding within the Cyber domain are used to predict future actions by threats through long term analysis and modelling. This approach is then used to support both proactive and reactive cyber security actions, from incident response to penetration testing. This presentation focuses on threat intelligence from a practical data perspective, moving away from just the commercial concept of threat intelligence feeds (although these form one part of the equation). This presentation will approach threat intelligence from an analysts perspective of what questions needs to be answered to effectively investigate an incident, using the Diamond Model and Cyber Kill Chain as framing devices. These questions will then lead to examples of the data that can be used to answer these questions. Although traditionally data collection has focused on external cyber information, more often than not however, it’s actions outside of those seen within an organisations network, or even outside cyberspace that can provide context to the actions a threat takes. Finally, we provide a number of use cases on which the results of threat intelligence processes can be applied within a Security Operations Centre, including Incident Response as well as traditional Penetration Testing and Red Teaming.
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?SahilRao25
Let's take a look at implementations of AI or machine learning in the cybersecurity world. To know more: https://www.softwarefirms.co/blog/ai-and-machine-learning-in-cybersecurity-a-saviour-or-enemy?utm_source=Social+media&utm_medium=Traffic&utm_campaign=SR
Machine learning is a type of artificial intelligence (AI) that provides computers with the ability to learn without being explicitly programmed. Machine learning focuses on the development of computer programs that can teach themselves to grow and change when exposed to new data.
Impact of Generative AI in Cybersecurity - How can ISO/IEC 27032 help?PECB
Generative AI offers great opportunities for innovation in various industries. Hence, by adopting ISO/IEC 27032, you can enhance your cybersecurity resilience and efficiently address the risks associated with generative AI.
Amongst others, the webinar covers:
• AI & Privacy
• Generative AI, Models & Cybersecurity
• AI & ISO/IEC 27032
Presenters:
Christian Grafenauer
Anonymization expert, privacy engineer, data protection officer, LegalTech researcher (GDPR, Blockchain, AI) Christian Grafenauer is an accomplished privacy engineer, anonymization expert, and computer science specialist, currently serving as the project lead for anonymity assessments at techgdpr. With an extensive background as a senior architect in Blockchain for IBM and years of research in the field since 2013, Christian co-founded privacy by Blockchain design to explore the potential of Blockchain technology in revolutionizing privacy and internet infrastructure. As a dedicated advocate for integrating legal and computer science disciplines, Christian’s expertise in anonymization and GDPR compliance enables innovative AI applications, ensuring a seamless fusion of technology and governance, particularly in the realm of smart contracts. In his role at techgdpr, he supports technical compliance, Blockchain, and AI initiatives, along with anonymity assessments. Christian also represents consumer interests as a member of the national Blockchain and DTL standardization committee at din (German standardization institute) in ISO/TC 307.
Akin Johnson
Akin J. Johnson is a renowned Cybersecurity Expert, known for his expertise in protecting digital systems from potential threats. With over a decade of experience in the field, Akin has developed a deep understanding of the ever-evolving cyber landscape.
Akin is an advocate for cybersecurity awareness and frequently shares his knowledge through speaking engagements, workshops, and publications. He firmly believes in the importance of educating individuals and organizations on the best practices for safeguarding their digital assets.
Lucas Falivene
Lucas is a highly experienced cybersecurity professional with a solid base in business, information systems, information security, and cybersecurity policy-making. A former Fulbright scholar with a Master of Science degree in Information Security Policy and Management at Carnegie Mellon University (Highest distinction) and a Master's degree in Information Security at the University of Buenos Aires (Class rank 1st). Lucas has participated in several trainings conducted by the FBI, INTERPOL, OAS, and SEI/CERT as well as in the development of 4 cyber ISO national standards.
Date: July 26, 2023
YouTube Link: https://youtu.be/QPDcROniUcc
AI Cybersecurity: Pros & Cons. AI is reshaping cybersecurityTasnim Alasali
Discover how AI is reshaping cybersecurity. This presentation delves into AI's role in enhancing threat detection, the balance of innovation and risk, and the strategies shaping the future of digital defense.
Attacks are evolving and so must the response – but how? This presentation explores how you get beyond the APT hype and strike a sensible balance between security expenditure and commercial risk. We explain what do you need to just keep doing, what’s new and what’s no longer effective.
Network Security is the process of taking physical and software preventative measures to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users and programs to perform their permitted critical functions within a secure environment. - sans.org
The typical process for investigating security-related alerts is labor intensive and largely manual. To make the situation more difficult, as attacks increase in number and diversity, there is an increasing array of detection systems deployed and generating even more alerts for security teams to investigate.
Netflix, like all organizations, has a finite amount of resources to combat this phenomenon, so we built FIDO to help. FIDO is an orchestration layer that automates the incident response process by evaluating, assessing and responding to malware and other detected threats.
Data Security Metricsa Value Based ApproachFlaskdata.io
In this Security management workshop, we introduce finance and business unit managers to a value-based approach for reducing security costs and minimizing Value at Risk
It will provide strategies and guidance for the recovery of
the underlying infrastructure, including the data centres,
servers, data storage and network links and Infrastructure
applications. The IT DRP will serve as a ‘master plan run book’
encompassing the key services and components of the IT
environment at the Organization.
Cellopoint Email UTM (unified threat management) appliance is an integrated security solution deployed in front of groupware/mail server. All modules – including security defense mechanisms, content auditing, email archiving, e-discovery, and email encryption can support various deployment scenarios.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Neuro-symbolic is not enough, we need neuro-*semantic*
When Cyber Security Meets Machine Learning
1. When
Cyber Security
Meets
Machine Learning
Lior Rokach
Information Systems Eng., Ben-Gurion University of the Negev
College of Information Sciences and Technology, Penn State University
2. About Me
Prof. Lior Rokach
Department of Information Systems Engineering
Faculty of Engineering Sciences
Head of the Machine Learning Lab
Ben-Gurion University of the Negev
Email: liorrk@bgu.ac.il
PhD (2004) from Tel Aviv University
3. Why Cyber Security?
• Evolving Domain – Endless Game
• Plenty of Data
• Practical Contribution
• Strong support of the stakeholders
– Communications
– Collaborations
– Grants
7/30/2012 Ben-Gurion University
4. Cyber Security
Cyber security is defined as the intersection of
• computer security
• network security
• information security
2011
2008 2009 2010 2010
2011 SONY LOCKHEED
GHOSTNET AURORA STUXNET NASDAQ 4
MARTIN
5. Cyber Security
• Is a domain problem, not a domain solution,
thus, it seeks solutions from other areas.
• Traditionally, Security problems were aided by
Mathematical model. e.g.
– Secrecy – using cryptography
7/30/2012 Ben-Gurion University
6. Modern Cyber Security
• Deals with abstract threats which cannot be
solved only by using mathematical models:
– Malware detection.
– Intrusion detection.
– Data leakage, etc.
• Need for other research methods
7/30/2012 Ben-Gurion University
8. The concept of learning in a ML system
• Learning = Improving with experience at some
task
– Improve over task T,
– With respect to performance measure, P
– Based on experience, E.
8
9. Motivating Example
Learning to Filter Spam
Example: Spam Filtering
Spam - an email that the user does not want to
receive and has not asked to receive
T: Identify Spam Emails
P: % of spam emails that were filtered
% of ham (non-spam) emails that were
incorrectly filtered-out
E: a database of emails that were labelled
by users/experts
7/30/2012 Ben-Gurion University
11. The Learning Process in our Example
Model Learning Model
Testing
Number of recipients
Size of message
Number of attachments
Number of "re's" in the
subject line
Email Server …
12. Data Set
Target
Input Attributes
Attribute
Number of Email Country (IP) Customer Email Type
new Length (K) Type
Recipients
0 2 Germany Gold Ham
1 4 Germany Silver Ham
5 2 Nigeria Bronze Spam
Instances
2 4 Russia Bronze Spam
3 4 Germany Bronze Ham
0 1 USA Silver Ham
4 2 USA Silver Spam
13. Information security and machine
learning: Taxonomy
Problem Domain : Information Security – the problems
we need to solve:
Malware detection
Intrusion detection
SPAM mitigation
Etc.
Solution Domain: Machine-Learning – from which
solutions are drawn.
Artificial neural networks
Decision Trees etc.
7/30/2012 Ben-Gurion University
14. ISML Taxonomy Computer Security
Using Machine
Learning
Security domain Machine Learning domain
Protective Feature Learning
Threat type Damage Threat Raw data Extracted Analysis
Security Selection Algorithm
Type Domain Type Features type
System Method type
Information Network IntrusionPrevention
Executable n-grams Gain Ration Static
Viruses Leakage components System Supervised
Intrusion Detection Portable
Denial of Service Web applications Text File Fisher Score Dynamic
Worms System Executable Unsupervised
End Point Firewall/VPN E-Mail Function Based Document
Information Loss Sequence
Spam Computer Frequency Semi-supervised
Messaging End Point Antivirus IP-Packet String Signature Hierarchical feature Positive Examples
Personality theft
D.O.S attacks selection Only Learning
Loss of Internet Service Document
Network Antivirus XML File Network traffic
Buffer Overflow confidentuality providers Frequency
Signature Based
Time series
SQL Injection Filter Device
Anti-Spam
OpCode n-grams
Misuse Systems
XML features
System Intrusion
Packet header
7/30/2012 Ben-Gurion University
16. Malware
• Malware, short for malicious software, is
software designed to disrupt computer
operation, gather sensitive information, or
gain unauthorized access to a computer
system
7/30/2012 Ben-Gurion University
17. Static vs. Dynamic Analysis
• Static – Analyze the program (code) –
– leverage structural information (e.g. sequence of
bytes)
– attempts to detect malware before the program
under inspection executes
• Dynamic – Analyze the running process –
– leverage runtime information (e.g. network
usage)
– attempts to detect malicious behavior during
program execution or after program execution.
7/30/2012 Ben-Gurion University
19. Analogous of Malcode Detection as
Text Categorization
• Classifying Malicious Code can be analogous to
Text Categorization.
• Texts Malicious Code (Files)
• Words Code expressions
• Then weighting functions, such as tf or tfidf can
be used.
7/30/2012 Ben-Gurion University
20. Sec. 6.2.2
tf-idf weighting
• Best known weighting scheme in information retrieval
TF IDF
w t ,d log(1 tft ,d ) log10 ( N / dft )
• The TF (term frequency) tft,d of term t in document d
is defined as the number of times that t occurs in d.
• The IDF (inverse document frequency) : the inverse
number of documents that contain t
• Increases with the number of occurrences within a
document
• Increases with the rarity of the term in the collection
21. Dataset
• We acquired the malicious files from the VX Heaven website -
7688 malicious files for windows OS.
• Including executable and DLL (Dynamic Linked Library) files
• The benign set contained 22,735 files.
7/30/2012 Ben-Gurion University
23. Classification Algorithms
• In order to create rules from the raw data gathered
and presented on the previous slide, different
Classification Algorithms were examined
– Artificial Neural Networks (ANN)
– Decision Trees (DT)
– Naive Bayes (NB)
– Support Vector Machines (SVM)
– Boosted Decision Trees (BDT)
– Boosted Naive Bayes (BNB)
7/30/2012 Ben-Gurion University
24. Steps
• Determine the best conditions:
– The best term representation (TF /
TFIDF)
– The best N-gram (3 / 4 / 5 / 6)
– The best top-selection (50 / 100 / 200 /
300)
& best features selection ( DF / FS / GR)
7/30/2012 Ben-Gurion University
25. Performance Measures
• True Positive Rate (TPR) - The number
of positive instances classified
correctly.
• False Positive Rate (FPR) - The number
of negative instances misclassified.
• Total Accuracy - The number of
absolutely correctly classified
instances.
7/30/2012 Ben-Gurion University
26. Preliminary Results
• Mean accuracies
quite similar.
• Best performance:
top 5500.
• Best
representation: TF
• Best N-gram:
5-gram.
7/30/2012 Ben-Gurion University
27. Classifiers
• Under the best conditions presented above,
the classifiers that achieved the highest
accuracies, with lowest false positive rates,
are:
Classifier Accuracy FP FN
– Boosted Decision Tree ANN 0.941 0.033 0.134
– Artificial Neural Network DT 0.943 0.039 0.099
NB 0.697 0.382 0.069
BDT 0.949 0.040 0.110
BNB 0.697 0.382 0.069
SVM-lin 0.921 0.033 0.214
SVM-poly 0.852 0.014 0.544
SVM-rbf 0.939 0.029 0.154
7/30/2012 Ben-Gurion University
28. Portable Executable (PE)
• Extracted from certain parts of EXE files stored in Win32 PE binaries (EXE
or DLL).
• PE Header that describes physical structure of a PE binary (e.g.,
creation/modification time, machine type, file size)
• Import Section: which DLLs were imported and which functions from
which imported DLLs were used
• Exports Section: which functions were exported (if the file being examined
is a DLL)
• Resource Directory: resources used by a given file (e.g., dialogs, cursors)
• Version Information (e.g., internal and external name of a file, version
number)
7/30/2012 Ben-Gurion University
30. Imbalanced Classification Tasks
• Data set is Imbalanced, if
the classes are unequally
distributed
• Class of interest (minority
class) is often much
smaller or rarer
• But, the cost of error on the
minority class can have a
bigger bite
7/30/2012 Ben-Gurion University
31. The Mal-ID Method
• Common Libraries
• Anti-Forensic means to avoid their detection
• Chronological evolution of malware – Most viruses
are variants of previous malwares.
Mal-ID: Automatic Malware Detection Using
Common Segment Analysis and Meta-Features,
Journal of Machine Learning Research 1 (2012) 1-48
7/30/2012 Ben-Gurion University
32. Andromaly
• Lightweight Host-based Intrusion
Detection System for Android-
based devices
7/30/2012 Ben-Gurion University
33. The “Andromaly”
• A lightweight Host-based Intrusion Detection
System for Android-based devices
• Providing real-time, monitoring, collection,
preprocessing and analysis of various system
metrics
• Open framework – possible to apply different types
of detection techniques
• Threat assessments (TAs) are weighted and
smoothed to avoid instantaneous false alarms
• An alert is matched against a set of
automatic/manual countermeasures
7/30/2012 Ben-Gurion University
34. The “Andromaly” architecture
Graphical User Interface
Feature Extractors
Application Level
Operating System
Alert Agent Service Loggers Scheduling
Manager SQLite
Processor Memory
Manager Config
Manager
Keyboard
Operation Mode Alert
Manager Handler Feature Network
Threat
Manager Hardware
Weighting Unit Communication layer
Power
Processors
Rule-based Classifier Application Linux
Framework Kernel
Anomaly
Detector KBTA
7/30/2012 Ben-Gurion University
38. Evaluation
Preparation of the data-sets
• The applications were installed on 25 Android G1devices
(each device has one user only)
• Each user activate each application
• In the background the Android agent was running and
logging data (feature vectors) on the SD-card (88 features
each 2 seconds)
• The feature vectors were added to our data-set and labeled
with the device id, application name and class (game/tool)
7/30/2012 Ben-Gurion University
39. Abnormal state detection
• Identify the most informative features to • Detection algorithms: K-
monitor Means, Histograms, Logistic
Regression, Decision Tree, Bayesian
• Evaluating various detection methods and
Net, Naïve Bayes
algorithms
• Feature selection: InfoGain, Chi
• Understanding the feasibility of running
Square, Fisher Score
these methods as detection units on
Android devices • Top best features: 10, 20, 50
(d) Experiment IV
Feature Extraction Malicious (4) Tools/Games (4)
• Recorded 90 features while activating
Train Train applications
Feature Selection • Differentiate between applications
Train Device 1
which are not included in the training
Training set when training and testing are
Test Device 2 performed on different devices
Testing Test Test
Step I:
Step II:
Differentiating games (23K) and tools (20K) using
Detecting Android malware (15K) using 25 devices
25 devices
Rotation Forest/Fisher Score/Top 10
Logistic Regression/Fisher Score/Top 20
Accuracy 87.4% (TRP 0.794, FPR 0.126)
Accuracy 75.3% (TRP 0.797, FPR 0.303)
7/30/2012 Ben-Gurion University
42. Data Leakage Prevention
Data leakage prevention solution is a system that is designed to detect
potential data breach incidents in timely manner and prevent them by
monitoring data while in-use (endpoint actions), in-motion (network
traffic), and at-rest (data storage)
7/30/2012 Ben-Gurion University
43. Honeytokens
• Honeytokens - faked digital data (e.g., a
credit card number, a database entry or
bogus login credentials) planted into a
genuine system resource (e.g., databases,
files and emails).
• Example:
– Insert a honey-table: a table with "sweet" name
able to attract malicious user (e.g.
"CREDIT_CARDS")
– These tables are not being used by any
44. HoneyGen
• Challenge: A good honeytoken is an artificial
data item that is hard to distinguish between
real tokens and the honeytoken
• HoneyGen: an Automated Honeytokens
Generator [Berkovitch, 2011]
– Proposed a generic method for honeytokens
generation that given any database will be able to
generate high quality honeytokens
44
45. HoneyGen System
• Rule mining: extrapolates rules that describe the "real" data structure,
attributes, constraints and logic (identity, reference, cardinality, value-
set, attribute dependency)
Honeytoken generation
Likelihood rating: sort
honeytokens by similarity
Real tokens
to real tokens in the input INPUT:
DB
database, according to the
commonness of its
combination of values PROCESS: Rules
Mining
Rules Honeytokens Honeytokens
Generation
Likelihood
Rating
Honeytokens
OUTPUT: Honeytokens Likelihood Scores
DB
45
47. Motivation
• Identity theft is one of the most usual crimes
in North America. There are closet to 10
million victims of identity theft each year.
• The Federal Trade Commission (FTC)
estimates that the cost of identity theft to
companies is approximately $50 billion per
year additionally to $5 billion worth of costs
to consumers.
• These days all the authentication of users is
based on Username & Password, which can
be stolen physically, by Phishing sites, Trojans,
as well as given.
48. Current Authentication Mechanisms – Costly
and often Unavailable.
Current Authentication mechanisms Disadvantages
Authentication by Hard to remember many passwords
Password predefined user name and Password may be copied, cracked or stolen
password
Can be lost or stolen
Token Based on an object (i.e.,
magnetic card, RFID tag) Expensive to deploy and maintain for
consumer market
Biometric
Biometrics based on a palm Expensive
(Palm/finger signature Limited availability
)
Biometric Biometrics based on a Accuracy limited with illness or background
(Voice) vocal patterns noise
Biometric Biometrics based on Expensive
structural and color patterns
(Iris) of the human iris. Accuracy problems for diabetes patients
ID numbers which are
Secure ID constantly generated (i.e., Can be lost or stolen
by RSA Secure ID)
Users are already hassled by current security mechanisms and
reluctant to accept new ones.
22.01.2010
48
52. Various actions for learning purposes
Mouse Point and
Point and Double
Move
Left Click Click
Mouse Left Click
Move Mouse Double
Move Click
Drag and
Drop
Point and Point and
Right Click Mouse Mouse Mouse DD
Down Move Up
Mouse Right Click Mouse Mouse Mouse Mouse
Move Move Down Move Up
53. Evaluation Measures
• False Acceptance Rate (FAR) –the ratio
between the number of attacks that were
erroneously labeled as authentic interactions
and the total number of attacks.
• False Rejection Rate (FRR) –the ratio between
the number of legitimate interactions that
were erroneously labeled as attacks and the
total number of legitimate interactions.
7/30/2012 Ben-Gurion University
54. Evaluation
• Fixed Text (password) / Continues Verification
• The Session Length (number of actions)
– more actions Better performance
• Keyboard is better than mouse
Session Size FAR FRR EER AUC
1/4 Session 4.33% 3.17% 3.75% 0.0308
1/2 Session 2.59% 2.86% 2.72% 0.0234
Full Session 1.48% 1.59% 1.53% 0.0144
• ~ 3 % FAR, FRR after 10 actions
• Clint Feher, Yuval Elovici, Robert Moskovitch, Lior Rokach, Alon Schclar, “User
Identity Verification via Mouse Dynamics”, Information Sciences Volume 201, 15
October 2012, Pages 19–36.
7/30/2012 Ben-Gurion University
56. Motivation
• Huge databases exist in society today
– Medical data
– Consumer purchase data
– Census data
– Communication and media-related data
– Data gathered by government agencies
• Can this data be utilized?
– For medical research
– For improving customer service
– For homeland security
• The Problem: The huge amount of data
available means that it is possible to learn a lot
of information about individuals
57. Privacy Challenge (Sweeney, 1998)
Disease
Birth Date
Zip
Sex
Name
87% of the population in the USA can be uniquely identified by zip, sex and DoB
58. Quasi-identifier
• The minimal set of attributes in a
table that can be joined with external
information to re-identify individual
records
59. k-Anonymity
Let R(A1,...,An) be a relation and QI be the quasi-identifier
associated with it. R is said to satisfy k-anonymity if and only if
every distinct value of QI has at least k occurrences in R.
60. Generalization and Suppression
Generalization
replacement of a value by a less specific (more general)
value using domain generalization relationship.
Suppression
remove the value.
Z2 = {537**}
Z1 = {5371*. 5370*}
Z0 = {53715. 53710, 53706, 53703}
537**
S1 = {Person} 5371* 5370*
S0 = {Male, Female}
53715 53710 53706 53703
61. Privacy-preserving data mining
(PPDM)
• Goal: Create accurate data mining models from
anonymous data.
• Performing anonymization while ignoring the data
mining task results in a loss of data quality
• Data owners must balance the desire to share
useful data and the need to protect private
information within the data. Trade-Off
62. k-Anonymity Classification Tree
Using Suppression
• Induce a classification tree with existing algorithm
(like C4.5)
• Walk over the tree and iteratively prune the rule
in bottom-up manner until we reach k-anonymity
The order of attributes in the path (from root to
the leaf) already denotes the importance (from
high to low) for predicting the class.
7/30/2012 Ben-Gurion University
63. Example QI = {Marital Status, Education, Occupation, Sex}
K=100
Marital Status = Married
| Education = High School: <=50K. (200)
| Education = Some college
| | Occupation = Handlers-cleaners: <=50K. (89)
| | Occupation = Exec managerial: >50K (120)
Complying nodes – child leafs whose frequency is bigger than k-anonymity
threshold
Non-complying nodes – child leafs whose frequency is lower than k-anonymity
threshold
Compensation - use complying nodes to drive anonymization process by
compensating part of their records in favor of non-complying records using
suppression
64. Example QI = {Marital Status, Education, Occupation, Sex}
K=100
Marital Status = Married
| Education = High School: <=50K. (200)
| Education = Some college
| | Occupation = Handlers-cleaners: <=50K. (89)
| | Occupation = Exec managerial: >50K (120)
Marital Status Education Occupation Sex Class
Married High School * * <=50K
200 : : : : :
Married High School * * <=50K
Married Some college * * <=50K
89 : : : : :
Married Some college * * <=50K
11 Married Some college * * <=50K
Married Some college Exec managerial * >50K
120-11=109
:
65. Slava Kisilevich, Lior Rokach, Yuval Elovici, Bracha Shapira, Efficient
Multidimensional Suppression for K-Anonymity, IEEE Transactions on Knowledge
and Data Engineering, 22(3): 334-347 (2010).
7/30/2012 Ben-Gurion University
68. Machine Learning and Security
• Many current and emerging computer and network
security challenges can be solved only by using machine
learning techniques:
– Information leakage
– Data misuse
– Anomaly detection
– etc…
• It is very important to understand how to employ machine
learning techniques in an effective way.
• In particular:
– carefully construct training corpora,
– Effective feature extraction
– Effective feature selection, and
– Valid evaluations on representative corpora.
טקסונומיה של אבטחת מידע בשילוב למידת מכונה.עבודה לדוגמא יכולה להתמקד בחקירת משפחה של וירוסים הגורמים לאיבוד מידע באפליקציות רשת. אנטי וירוס רשתי הוא אמצעי ההגנה המתואר בעבודהכאשר המידע הגולמי שמערכת כזו מעבדת הם קבצים ברי הרצה.פתרון המוצע משתמש בחתימות מחרוזת. את המאפיינים לבחירת המחרוזת בוחרים בעזרת פישר סקור.מציאת החתימה נעשית על ידי ניתוח קוד סטטי.מאמנים מודל סיווג עי שימוש באחד מאלגוריתמי למידה מונחית.