The document discusses machine learning (ML) and its application in cybersecurity, highlighting its ability to automate malware detection, adapt to evolving threats, and innovate in areas like deepfake technology. It includes live demonstrations and outlines the career opportunities in the field, particularly for cybersecurity data scientists. The emphasis is on the importance of ML in combating sophisticated cybercrime and the necessity for professionals to understand and implement these technologies.

2. Meet your
speakers
Dr. Emmanuel Tsukerman
Guest speaker
Infosec Skills author

3. Agenda
● What is ML?
○ It automates and scales
○ It’s flexible
○ It allows innovative attacks
● Deepfake live demo
● Few more ML use cases
● Career outlook

4. What is machine learning?
Short answer #1:
ML automates and scales

5. Example: ML for malware detection
5

6. 6
Traditional anti-
viruses (AVs) rely on
signatures and
heuristics
• Signatures: Hashes of files, hashes of
snippets of code; akin to cataloging
• Heuristics: Similarity of source code to
known malicious samples, self-replication,
overwriting files, suspicious network traffic,
etc.

7. 7
Malware is too numerous and evolves too fast
>350,000 new malware created every day (https://www.av-test.org/en/statistics/malware/)

8. How do I know traditional AVs
don’t keep up?
8

9. 9

10. ML-based AVs are now industry
standard
10

11. What is machine learning?
Short answer #2:
Flexibility

12. Example: Network intrusion detection
12

13. 13

14. Problem: There is a never-ending
array of methods of attack
14

15. Illustration of threat diversity
15
DOS: SMURF, NEPTUNE, Back, land, PoD, Teardrop, TCP SYN flooding …

16. 16
Illustration of threat
diversity from
firewalls
● Packet fragmentation: Allows hackers to
evade pattern matching by fragmenting
their packets
● Spoofing source IP address: Hackers
appear like legitimate users to the firewall
● Spoofing source port: Allows hackers to
bypass port-specific rules in the firewall
New attacks developed everyday

17. 17
🙶 It’s humanly impossible
to keep up with this ever-
evolving threat landscape
🙶

18. ML can keep up with and catch:
● Zero-day attacks
● Anomalous behavior
18

19. What is machine learning?
Short answer #3:
Innovative attacks

20. 20
You won’t believe what Obama says in this video!
—BuzzFeedVideo

21. 21
This type of crime is
already here
“Fraudsters Used AI to Mimic CEO’s
Voice in Unusual Cybercrime Case”
—Wall Street Journal

22. Deepfake live demo

23. Few more illustrative ML
use cases

24. Hacking CAPTCHA systems
24
CAPTCHA is meant to tell humans and
computers apart, but we can break it using
ML

25. Smart fuzzing
25
● Fuzzing is about finding inputs to a
program that will cause it to break
● The best fuzzers rely on ML (e.g., genetic
algorithms)

26. Career outlook

27. Plenty of great jobs
27
The primary profession for
applying data science to
cybersecurity is “cybersecurity
data scientist”

28. 28
ML is beginning to
touch all aspects of
cybersecurity
Areas influenced:
● Malware
● Intrusion
● Social engineering
● Pentesting
● Data security
Best learn it, because the bad guys are

29. Dr. Tsukerman’s
Infosec Skills courses
infosecinstitute.com/authors/emmanuel-tsukerman/

30. Questions?

31. Everyone gets a free week
of Infosec Skills.
Then it’s just $34/month
infosecinstitute.com/skills

32. About us
At Infosec, we believe knowledge is the most
powerful tool in the fight against cybercrime. We
provide the best certification and skills
development training for IT and security
professionals, as well as employee security
awareness training and phishing simulations.
infosecinstitute.com
708.689.0131
32