Understanding the "Intelligence" in AI

Raffael Marty
Raffael MartyGeneralManager Cybersecurity at ConnectWise
Understanding the "Intelligence" in AI RAFFAEL MARTY VP Research and Intelligence Head of X-Labs, Forcepoint AI 4 Cyber | April 2019 | New York City
A BRIEF SUMMARY We don’t have artificial intelligence (yet) Algorithms can be dangerous - Understand your data and your algorithms Build systems that capture “expert knowledge” and augment human capabilities Escape the cat and mouse game between attackers and security Copyright © 2019 Raffael Marty. | 2
RAFFAEL MARTY Sophos PixlCloud Loggly Splunk ArcSight IBM Research Security Visualization Big Data ML & AI SIEM Corp Strategy Leadership Zen Copyright © 2019 Raffael Marty | 3
BEAT WORLD CHAMPION AT GO DESIGN MORE EFFECTIVE DRUGS MAKE SIRI SMARTER ARTIFICIAL INTELLIGENCE Deep Learning Statistics Unsupervised Machine Learning Natural Language Processing
THE DANGERS OF AI SECURITY EXAMPLES Fooling Facial Recognition Hack Crash Tweet Blacklisting of Windows Executable Pentagon AI Fail Algorithm Bias NOTIFY_SOCKET=/run/syst emd/notify systemd-notify "" Data Biases
WHAT MAKES ALGORITHMS DANGEROUS? Algorithms make assumptions about the data. Algorithms are too easy to use. Algorithms do not take domain knowledge into account. History is not a predictor of the future. Copyright © 2019 Raffael Marty. | 6
UNDERSTAND YOUR DATA dest port! Port 70000? src ports! http://vis.pku.edu.cn/people/simingchen/docs/vastchallenge13-mc3.pdf
CHOOSING THE CORRECT ALGORITHM PARAMETERS The dangers of not understanding algorithmic parameters t-SNE clustering of network traffic from two types of machines perplexity = 3 epsilon = 3 No clear separation perplexity = 3 epsilon = 19 3 clusters instead of 2 perplexity = 93 epsilon = 19 What a mess Copyright © 2019 Raffael Marty. | 8
INTELLIGENCE Expert KnowledgeSecurity Graph DETECTION COMPONENTS RISK-ADAPTIVE PROTECTION ADDING THE INTELLIGENCE INTO AI CYBER BEHAVIOR CATALOG
IOCs to Behaviors IOCs / Traditional Threat Intel Behavior ESCAPING THE SECURITY CAT AND MOUSE GAME CnC Bot Bot IOC: Compromised IP addresses • Characterizing machine and human behavior • Leverage risk-based approaches • From reactive to proactive • From detection to protection / automation Behavior: Botnet characteristics Traffic size: 200-350bytes Periodicity: 2 minutes Jitter: 12 seconds IPv4 proto: 6 App protocol: HTTPS
TAKEAWAYS “Algorithms are getting ‘smarter’, but experts are more important” “Understand your data, your algorithms, and your data science process” “History is not a predictor – but knowledge can be”
http://slideshare.net/zrlram @raffaelmarty QUESTIONS? Copyright © 2019 Raffael Marty. | 15
1 of 12

Understanding the "Intelligence" in AI

Download to read offline
Science

In this presentation I explore the topic of artificial intelligence in cyber security. What is AI and how do we get to real intelligence in a cyber context. I outline some of the dangers of the way we are using algorithms (AI, ML) today and what that leads to. We then explore how we can add real intelligence through export knowledge to the problem of finding attackers and anomalies in our applications and networks. Presented at AI 4 Cyber in NYC on April 30, 2019

Raffael Marty
Raffael MartyGeneralManager Cybersecurity at ConnectWise

Recommended

Artificial Intelligence – Time Bomb or The Promised Land? by
Artificial Intelligence – Time Bomb or The Promised Land?Artificial Intelligence – Time Bomb or The Promised Land?
Artificial Intelligence – Time Bomb or The Promised Land?Raffael Marty
1K views20 slides
Cyber security and AI by
Cyber security and AICyber security and AI
Cyber security and AIDexterJanPineda
464 views15 slides
How is ai important to the future of cyber security by
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security Robert Smith
485 views11 slides
Security Chat 5.0 by
Security Chat 5.0Security Chat 5.0
Security Chat 5.0Raffael Marty
449 views14 slides
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed by
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedAI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't Changed
AI & ML in Cyber Security - Welcome Back to 1999 - Security Hasn't ChangedRaffael Marty
4.5K views29 slides
Understanding the "Intelligence" in AI by
Understanding the "Intelligence" in AIUnderstanding the "Intelligence" in AI
Understanding the "Intelligence" in AIForcepoint LLC
466 views13 slides

More Related Content

What's hot

How Machine Learning & AI Will Improve Cyber Security by
How Machine Learning & AI Will Improve Cyber SecurityHow Machine Learning & AI Will Improve Cyber Security
How Machine Learning & AI Will Improve Cyber SecurityDevOps.com
632 views8 slides
AI In Cybersecurity – Challenges and Solutions by
AI In Cybersecurity – Challenges and SolutionsAI In Cybersecurity – Challenges and Solutions
AI In Cybersecurity – Challenges and SolutionsZoneFox
309 views14 slides
Challenges in Applying AI to Enterprise Cybersecurity by
Challenges in Applying AI to Enterprise CybersecurityChallenges in Applying AI to Enterprise Cybersecurity
Challenges in Applying AI to Enterprise CybersecurityTahseen Shabab
316 views36 slides
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data... by
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...Forcepoint LLC
123 views14 slides
AI and ML in Cybersecurity by
AI and ML in CybersecurityAI and ML in Cybersecurity
AI and ML in CybersecurityForcepoint LLC
2.7K views40 slides
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes? by
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Raffael Marty
6.4K views30 slides

What's hot(20)

How Machine Learning & AI Will Improve Cyber Security by DevOps.com
How Machine Learning & AI Will Improve Cyber SecurityHow Machine Learning & AI Will Improve Cyber Security
How Machine Learning & AI Will Improve Cyber Security
DevOps.com632 views
AI In Cybersecurity – Challenges and Solutions by ZoneFox
AI In Cybersecurity – Challenges and SolutionsAI In Cybersecurity – Challenges and Solutions
AI In Cybersecurity – Challenges and Solutions
ZoneFox309 views
Challenges in Applying AI to Enterprise Cybersecurity by Tahseen Shabab
Challenges in Applying AI to Enterprise CybersecurityChallenges in Applying AI to Enterprise Cybersecurity
Challenges in Applying AI to Enterprise Cybersecurity
Tahseen Shabab316 views
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data... by Forcepoint LLC
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...
Forcepoint LLC123 views
AI and ML in Cybersecurity by Forcepoint LLC
AI and ML in CybersecurityAI and ML in Cybersecurity
AI and ML in Cybersecurity
Forcepoint LLC2.7K views
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes? by Raffael Marty
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?
Raffael Marty6.4K views
Actionable Threat Intelligence by OWASP Delhi
Actionable Threat IntelligenceActionable Threat Intelligence
Actionable Threat Intelligence
OWASP Delhi263 views
Cybersecurity with AI - Ashrith Barthur by Sri Ambati
Cybersecurity with AI - Ashrith BarthurCybersecurity with AI - Ashrith Barthur
Cybersecurity with AI - Ashrith Barthur
Sri Ambati1.1K views
Delivering Security Insights with Data Analytics and Visualization by Raffael Marty
Delivering Security Insights with Data Analytics and VisualizationDelivering Security Insights with Data Analytics and Visualization
Delivering Security Insights with Data Analytics and Visualization
Raffael Marty3.7K views
Visualizing Threats: Network Visualization for Cyber Security by Cambridge Intelligence
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber Security
Cambridge Intelligence4.3K views
Threat Intelligence Workshop by Priyanka Aash
Threat Intelligence WorkshopThreat Intelligence Workshop
Threat Intelligence Workshop
Priyanka Aash3.3K views
AI & ML in Cyber Security - Why Algorithms are Dangerous by Raffael Marty
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are Dangerous
Raffael Marty7.2K views
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm by Shawn Tuma
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
Shawn Tuma254 views
The Future of Security: How Artificial Intelligence Will Impact Us by PECB
The Future of Security: How Artificial Intelligence Will Impact UsThe Future of Security: How Artificial Intelligence Will Impact Us
The Future of Security: How Artificial Intelligence Will Impact Us
PECB 849 views
AI and Cybersecurity - Food for Thought by NUS-ISS
AI and Cybersecurity - Food for ThoughtAI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for Thought
NUS-ISS423 views
The good, the bad, and the ugly on integration ai with cybersecurity by Mohammad Khreesha
The good, the bad, and the ugly on integration ai with cybersecurityThe good, the bad, and the ugly on integration ai with cybersecurity
The good, the bad, and the ugly on integration ai with cybersecurity
Mohammad Khreesha110 views
Threat intelligence in security by Osama Ellahi
Threat intelligence in securityThreat intelligence in security
Threat intelligence in security
Osama Ellahi127 views
Threat Intelligence by Deepak Kumar (D3)
Threat IntelligenceThreat Intelligence
Threat Intelligence
Deepak Kumar (D3) 3.3K views
AI and Machine Learning In Cybersecurity | A Saviour or Enemy? by SahilRao25
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?AI and Machine Learning In Cybersecurity | A Saviour or Enemy?
AI and Machine Learning In Cybersecurity | A Saviour or Enemy?
SahilRao25100 views
Sans cyber-threat-intelligence-survey-2015 by Roy Ramkrishna
Sans cyber-threat-intelligence-survey-2015Sans cyber-threat-intelligence-survey-2015
Sans cyber-threat-intelligence-survey-2015
Roy Ramkrishna429 views

Similar to Understanding the "Intelligence" in AI

AI & ML in Cyber Security - Why Algorithms are Dangerous by
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are DangerousPriyanka Aash
331 views41 slides
IRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdf by
IRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdfIRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdf
IRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdfIRJET Journal
25 views3 slides
Artificial Intelligence Techniques for Cyber Security by
Artificial Intelligence Techniques for Cyber SecurityArtificial Intelligence Techniques for Cyber Security
Artificial Intelligence Techniques for Cyber SecurityIRJET Journal
120 views3 slides
AI: The New Player in Cybersecurity (Nov. 08, 2023) by
AI: The New Player in Cybersecurity (Nov. 08, 2023)AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)Takeshi Takahashi
40 views39 slides
CIS AIML Beginners Series Part 1 by
CIS AIML Beginners Series Part 1CIS AIML Beginners Series Part 1
CIS AIML Beginners Series Part 1Council Of Information Security
681 views23 slides
IRJET- Intervention of Artificial Intelligence in Cyber Security by
IRJET- Intervention of Artificial Intelligence in Cyber SecurityIRJET- Intervention of Artificial Intelligence in Cyber Security
IRJET- Intervention of Artificial Intelligence in Cyber SecurityIRJET Journal
14 views3 slides

Similar to Understanding the "Intelligence" in AI(20)

AI & ML in Cyber Security - Why Algorithms are Dangerous by Priyanka Aash
AI & ML in Cyber Security - Why Algorithms are DangerousAI & ML in Cyber Security - Why Algorithms are Dangerous
AI & ML in Cyber Security - Why Algorithms are Dangerous
Priyanka Aash331 views
IRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdf by IRJET Journal
IRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdfIRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdf
IRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdf
IRJET Journal25 views
Artificial Intelligence Techniques for Cyber Security by IRJET Journal
Artificial Intelligence Techniques for Cyber SecurityArtificial Intelligence Techniques for Cyber Security
Artificial Intelligence Techniques for Cyber Security
IRJET Journal120 views
AI: The New Player in Cybersecurity (Nov. 08, 2023) by Takeshi Takahashi
AI: The New Player in Cybersecurity (Nov. 08, 2023)AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)
Takeshi Takahashi40 views
CIS AIML Beginners Series Part 1 by Council Of Information Security
CIS AIML Beginners Series Part 1CIS AIML Beginners Series Part 1
CIS AIML Beginners Series Part 1
Council Of Information Security681 views
IRJET- Intervention of Artificial Intelligence in Cyber Security by IRJET Journal
IRJET- Intervention of Artificial Intelligence in Cyber SecurityIRJET- Intervention of Artificial Intelligence in Cyber Security
IRJET- Intervention of Artificial Intelligence in Cyber Security
IRJET Journal14 views
Artificial Intelligence in cybersecurity by SmartlearningUK
Artificial Intelligence in cybersecurityArtificial Intelligence in cybersecurity
Artificial Intelligence in cybersecurity
SmartlearningUK382 views
Artificial Intelligence and Cybersecurity by Olivier Busolini
Artificial Intelligence and CybersecurityArtificial Intelligence and Cybersecurity
Artificial Intelligence and Cybersecurity
Olivier Busolini17.1K views
Cyber Defense Automation by ♟Sergej Epp
Cyber Defense AutomationCyber Defense Automation
Cyber Defense Automation
♟Sergej Epp207 views
9.-Vectra._Managing-Cyber-Risk-by-applying-AI-to-automate-threat-hunting.pptx by PhmNam55
9.-Vectra._Managing-Cyber-Risk-by-applying-AI-to-automate-threat-hunting.pptx9.-Vectra._Managing-Cyber-Risk-by-applying-AI-to-automate-threat-hunting.pptx
9.-Vectra._Managing-Cyber-Risk-by-applying-AI-to-automate-threat-hunting.pptx
PhmNam55121 views
Top Positive and Negative Impacts of AI & ML on Cybersecurity by Pixel Crayons
Top Positive and Negative Impacts of AI & ML on CybersecurityTop Positive and Negative Impacts of AI & ML on Cybersecurity
Top Positive and Negative Impacts of AI & ML on Cybersecurity
Pixel Crayons51 views
Combating Cyber Security Using Artificial Intelligence by Inderjeet Singh
Combating Cyber Security Using Artificial IntelligenceCombating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial Intelligence
Inderjeet Singh5.7K views
Security in the age of Artificial Intelligence by Faction XYZ
Security in the age of Artificial IntelligenceSecurity in the age of Artificial Intelligence
Security in the age of Artificial Intelligence
Faction XYZ2.3K views
AI for Cybersecurity Innovation by Pete Burnap
AI for Cybersecurity InnovationAI for Cybersecurity Innovation
AI for Cybersecurity Innovation
Pete Burnap62 views
PaloAlto Enterprise Security Solution by Prime Infoserv
PaloAlto Enterprise Security SolutionPaloAlto Enterprise Security Solution
PaloAlto Enterprise Security Solution
Prime Infoserv589 views
Artificial Intelligence In Cyber Security - A Review by Courtney Esco
Artificial Intelligence In Cyber Security - A ReviewArtificial Intelligence In Cyber Security - A Review
Artificial Intelligence In Cyber Security - A Review
Courtney Esco11 views
Need for Threat Intelligence & How to Operationalize it for your Organisation. by Aditya Mukherjee Information Security
Need for Threat Intelligence & How to Operationalize it for your Organisation.Need for Threat Intelligence & How to Operationalize it for your Organisation.
Need for Threat Intelligence & How to Operationalize it for your Organisation.
Aditya Mukherjee Information Security387 views
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks by Angeloluca Barba
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Angeloluca Barba228 views
DSS and Security Intelligence @IBM_Connect_2014_April by Andris Soroka
DSS and Security Intelligence @IBM_Connect_2014_AprilDSS and Security Intelligence @IBM_Connect_2014_April
DSS and Security Intelligence @IBM_Connect_2014_April
Andris Soroka1.2K views
How artificial intelligence is leading the digital revolution by Jayant Sinha
How artificial intelligence is leading the digital revolutionHow artificial intelligence is leading the digital revolution
How artificial intelligence is leading the digital revolution
Jayant Sinha77 views

More from Raffael Marty

Exploring the Defender's Advantage by
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's AdvantageRaffael Marty
137 views36 slides
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti... by
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Raffael Marty
966 views19 slides
How To Drive Value with Security Data by
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security DataRaffael Marty
3.4K views7 slides
AI & ML in Cyber Security - Why Algorithms Are Dangerous by
AI & ML in Cyber Security - Why Algorithms Are DangerousAI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are DangerousRaffael Marty
13.9K views32 slides
Security Insights at Scale by
Security Insights at ScaleSecurity Insights at Scale
Security Insights at ScaleRaffael Marty
2.5K views11 slides
Creating Your Own Threat Intel Through Hunting & Visualization by
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & VisualizationRaffael Marty
2.7K views25 slides

More from Raffael Marty(20)

Exploring the Defender's Advantage by Raffael Marty
Exploring the Defender's AdvantageExploring the Defender's Advantage
Exploring the Defender's Advantage
Raffael Marty137 views
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti... by Raffael Marty
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Extended Detection and Response (XDR) An Overhyped Product Category With Ulti...
Raffael Marty966 views
How To Drive Value with Security Data by Raffael Marty
How To Drive Value with Security DataHow To Drive Value with Security Data
How To Drive Value with Security Data
Raffael Marty3.4K views
AI & ML in Cyber Security - Why Algorithms Are Dangerous by Raffael Marty
AI & ML in Cyber Security - Why Algorithms Are DangerousAI & ML in Cyber Security - Why Algorithms Are Dangerous
AI & ML in Cyber Security - Why Algorithms Are Dangerous
Raffael Marty13.9K views
Security Insights at Scale by Raffael Marty
Security Insights at ScaleSecurity Insights at Scale
Security Insights at Scale
Raffael Marty2.5K views
Creating Your Own Threat Intel Through Hunting & Visualization by Raffael Marty
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
Raffael Marty2.7K views
Creating Your Own Threat Intel Through Hunting & Visualization by Raffael Marty
Creating Your Own Threat Intel Through Hunting & VisualizationCreating Your Own Threat Intel Through Hunting & Visualization
Creating Your Own Threat Intel Through Hunting & Visualization
Raffael Marty25.2K views
Visualization in the Age of Big Data by Raffael Marty
Visualization in the Age of Big DataVisualization in the Age of Big Data
Visualization in the Age of Big Data
Raffael Marty6.9K views
Big Data Visualization by Raffael Marty
Big Data VisualizationBig Data Visualization
Big Data Visualization
Raffael Marty41.5K views
The Heatmap
 - Why is Security Visualization so Hard? by Raffael Marty
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
Raffael Marty2.5K views
Workshop: Big Data Visualization for Security by Raffael Marty
Workshop: Big Data Visualization for SecurityWorkshop: Big Data Visualization for Security
Workshop: Big Data Visualization for Security
Raffael Marty22.1K views
Visualization for Security by Raffael Marty
Visualization for SecurityVisualization for Security
Visualization for Security
Raffael Marty7.7K views
The Heatmap
 - Why is Security Visualization so Hard? by Raffael Marty
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?
Raffael Marty8K views
DAVIX - Data Analysis and Visualization Linux by Raffael Marty
DAVIX - Data Analysis and Visualization LinuxDAVIX - Data Analysis and Visualization Linux
DAVIX - Data Analysis and Visualization Linux
Raffael Marty4.2K views
Cloud - Security - Big Data by Raffael Marty
Cloud - Security - Big DataCloud - Security - Big Data
Cloud - Security - Big Data
Raffael Marty2.1K views
Cyber Security – How Visual Analytics Unlock Insight by Raffael Marty
Cyber Security – How Visual Analytics Unlock InsightCyber Security – How Visual Analytics Unlock Insight
Cyber Security – How Visual Analytics Unlock Insight
Raffael Marty33K views
AfterGlow by Raffael Marty
AfterGlowAfterGlow
AfterGlow
Raffael Marty21.9K views
Supercharging Visualization with Data Mining by Raffael Marty
Supercharging Visualization with Data MiningSupercharging Visualization with Data Mining
Supercharging Visualization with Data Mining
Raffael Marty5K views
Security Visualization - Let's Take A Step Back by Raffael Marty
Security Visualization - Let's Take A Step BackSecurity Visualization - Let's Take A Step Back
Security Visualization - Let's Take A Step Back
Raffael Marty3K views
Visual Analytics and Security Intelligence by Raffael Marty
Visual Analytics and Security IntelligenceVisual Analytics and Security Intelligence
Visual Analytics and Security Intelligence
Raffael Marty2.6K views

Recently uploaded

Ecology by
Ecology Ecology
Ecology Abhijith Raj.R
7 views10 slides
Open Access Publishing in Astrophysics by
Open Access Publishing in AstrophysicsOpen Access Publishing in Astrophysics
Open Access Publishing in AstrophysicsPeter Coles
808 views26 slides
application of genetic engineering 2.pptx by
application of genetic engineering 2.pptxapplication of genetic engineering 2.pptx
application of genetic engineering 2.pptxSankSurezz
9 views12 slides
Small ruminant keepers’ knowledge, attitudes and practices towards peste des ... by
Small ruminant keepers’ knowledge, attitudes and practices towards peste des ...Small ruminant keepers’ knowledge, attitudes and practices towards peste des ...
Small ruminant keepers’ knowledge, attitudes and practices towards peste des ...ILRI
5 views1 slide
A Ready-to-Analyze High-Plex Spatial Signature Development Workflow for Cance... by
A Ready-to-Analyze High-Plex Spatial Signature Development Workflow for Cance...A Ready-to-Analyze High-Plex Spatial Signature Development Workflow for Cance...
A Ready-to-Analyze High-Plex Spatial Signature Development Workflow for Cance...InsideScientific
49 views62 slides
Artificial Intelligence Helps in Drug Designing and Discovery.pptx by
Artificial Intelligence Helps in Drug Designing and Discovery.pptxArtificial Intelligence Helps in Drug Designing and Discovery.pptx
Artificial Intelligence Helps in Drug Designing and Discovery.pptxabhinashsahoo2001
126 views22 slides

Recently uploaded(20)

Ecology by Abhijith Raj.R
Ecology Ecology
Ecology
Abhijith Raj.R7 views
Open Access Publishing in Astrophysics by Peter Coles
Open Access Publishing in AstrophysicsOpen Access Publishing in Astrophysics
Open Access Publishing in Astrophysics
Peter Coles808 views
application of genetic engineering 2.pptx by SankSurezz
application of genetic engineering 2.pptxapplication of genetic engineering 2.pptx
application of genetic engineering 2.pptx
SankSurezz9 views
Small ruminant keepers’ knowledge, attitudes and practices towards peste des ... by ILRI
Small ruminant keepers’ knowledge, attitudes and practices towards peste des ...Small ruminant keepers’ knowledge, attitudes and practices towards peste des ...
Small ruminant keepers’ knowledge, attitudes and practices towards peste des ...
ILRI5 views
A Ready-to-Analyze High-Plex Spatial Signature Development Workflow for Cance... by InsideScientific
A Ready-to-Analyze High-Plex Spatial Signature Development Workflow for Cance...A Ready-to-Analyze High-Plex Spatial Signature Development Workflow for Cance...
A Ready-to-Analyze High-Plex Spatial Signature Development Workflow for Cance...
InsideScientific49 views
Artificial Intelligence Helps in Drug Designing and Discovery.pptx by abhinashsahoo2001
Artificial Intelligence Helps in Drug Designing and Discovery.pptxArtificial Intelligence Helps in Drug Designing and Discovery.pptx
Artificial Intelligence Helps in Drug Designing and Discovery.pptx
abhinashsahoo2001126 views
PRINCIPLES-OF ASSESSMENT by rbalmagro
PRINCIPLES-OF ASSESSMENTPRINCIPLES-OF ASSESSMENT
PRINCIPLES-OF ASSESSMENT
rbalmagro12 views
How to be(come) a successful PhD student by Tom Mens
How to be(come) a successful PhD studentHow to be(come) a successful PhD student
How to be(come) a successful PhD student
Tom Mens473 views
MILK LIPIDS 2.pptx by abhinambroze18
MILK LIPIDS 2.pptxMILK LIPIDS 2.pptx
MILK LIPIDS 2.pptx
abhinambroze187 views
Chromatography ppt.pptx by varshachandgudesvpm
Chromatography ppt.pptxChromatography ppt.pptx
Chromatography ppt.pptx
varshachandgudesvpm18 views
Light Pollution for LVIS students by CWBarthlmew
Light Pollution for LVIS studentsLight Pollution for LVIS students
Light Pollution for LVIS students
CWBarthlmew6 views
scopus cited journals.pdf by KSAravindSrivastava
scopus cited journals.pdfscopus cited journals.pdf
scopus cited journals.pdf
KSAravindSrivastava7 views
별헤는 사람들 2023년 12월호 전명원 교수 자료 by sciencepeople
별헤는 사람들 2023년 12월호 전명원 교수 자료별헤는 사람들 2023년 12월호 전명원 교수 자료
별헤는 사람들 2023년 12월호 전명원 교수 자료
sciencepeople37 views
himalay baruah acid fast staining.pptx by HimalayBaruah
himalay baruah acid fast staining.pptxhimalay baruah acid fast staining.pptx
himalay baruah acid fast staining.pptx
HimalayBaruah7 views
Pollination By Nagapradheesh.M.pptx by MNAGAPRADHEESH
Pollination By Nagapradheesh.M.pptxPollination By Nagapradheesh.M.pptx
Pollination By Nagapradheesh.M.pptx
MNAGAPRADHEESH16 views
Distinct distributions of elliptical and disk galaxies across the Local Super... by Sérgio Sacani
Distinct distributions of elliptical and disk galaxies across the Local Super...Distinct distributions of elliptical and disk galaxies across the Local Super...
Distinct distributions of elliptical and disk galaxies across the Local Super...
Sérgio Sacani31 views
SANJAY HPLC.pptx by sanjayudps2016
SANJAY HPLC.pptxSANJAY HPLC.pptx
SANJAY HPLC.pptx
sanjayudps2016170 views
CSF -SHEEBA.D presentation.pptx by SheebaD7
CSF -SHEEBA.D presentation.pptxCSF -SHEEBA.D presentation.pptx
CSF -SHEEBA.D presentation.pptx
SheebaD711 views
1978 NASA News Release Log by purrterminator
1978 NASA News Release Log1978 NASA News Release Log
1978 NASA News Release Log
purrterminator9 views
A training, certification and marketing scheme for informal dairy vendors in ... by ILRI
A training, certification and marketing scheme for informal dairy vendors in ...A training, certification and marketing scheme for informal dairy vendors in ...
A training, certification and marketing scheme for informal dairy vendors in ...
ILRI13 views

Understanding the "Intelligence" in AI

  • 1. Understanding the "Intelligence" in AI RAFFAEL MARTY VP Research and Intelligence Head of X-Labs, Forcepoint AI 4 Cyber | April 2019 | New York City
  • 2. A BRIEF SUMMARY We don’t have artificial intelligence (yet) Algorithms can be dangerous - Understand your data and your algorithms Build systems that capture “expert knowledge” and augment human capabilities Escape the cat and mouse game between attackers and security Copyright © 2019 Raffael Marty. | 2
  • 3. RAFFAEL MARTY Sophos PixlCloud Loggly Splunk ArcSight IBM Research Security Visualization Big Data ML & AI SIEM Corp Strategy Leadership Zen Copyright © 2019 Raffael Marty | 3
  • 4. BEAT WORLD CHAMPION AT GO DESIGN MORE EFFECTIVE DRUGS MAKE SIRI SMARTER ARTIFICIAL INTELLIGENCE Deep Learning Statistics Unsupervised Machine Learning Natural Language Processing
  • 5. THE DANGERS OF AI SECURITY EXAMPLES Fooling Facial Recognition Hack Crash Tweet Blacklisting of Windows Executable Pentagon AI Fail Algorithm Bias NOTIFY_SOCKET=/run/syst emd/notify systemd-notify "" Data Biases
  • 6. WHAT MAKES ALGORITHMS DANGEROUS? Algorithms make assumptions about the data. Algorithms are too easy to use. Algorithms do not take domain knowledge into account. History is not a predictor of the future. Copyright © 2019 Raffael Marty. | 6
  • 7. UNDERSTAND YOUR DATA dest port! Port 70000? src ports! http://vis.pku.edu.cn/people/simingchen/docs/vastchallenge13-mc3.pdf
  • 8. CHOOSING THE CORRECT ALGORITHM PARAMETERS The dangers of not understanding algorithmic parameters t-SNE clustering of network traffic from two types of machines perplexity = 3 epsilon = 3 No clear separation perplexity = 3 epsilon = 19 3 clusters instead of 2 perplexity = 93 epsilon = 19 What a mess Copyright © 2019 Raffael Marty. | 8
  • 9. INTELLIGENCE Expert KnowledgeSecurity Graph DETECTION COMPONENTS RISK-ADAPTIVE PROTECTION ADDING THE INTELLIGENCE INTO AI CYBER BEHAVIOR CATALOG
  • 10. IOCs to Behaviors IOCs / Traditional Threat Intel Behavior ESCAPING THE SECURITY CAT AND MOUSE GAME CnC Bot Bot IOC: Compromised IP addresses • Characterizing machine and human behavior • Leverage risk-based approaches • From reactive to proactive • From detection to protection / automation Behavior: Botnet characteristics Traffic size: 200-350bytes Periodicity: 2 minutes Jitter: 12 seconds IPv4 proto: 6 App protocol: HTTPS
  • 11. TAKEAWAYS “Algorithms are getting ‘smarter’, but experts are more important” “Understand your data, your algorithms, and your data science process” “History is not a predictor – but knowledge can be”