Understanding the "Intelligence" in AI

•

2 likes•944 views

In this presentation I explore the topic of artificial intelligence in cyber security. What is AI and how do we get to real intelligence in a cyber context. I outline some of the dangers of the way we are using algorithms (AI, ML) today and what that leads to. We then explore how we can add real intelligence through export knowledge to the problem of finding attackers and anomalies in our applications and networks. Presented at AI 4 Cyber in NYC on April 30, 2019

Science

Understanding the "Intelligence" in AI
RAFFAEL MARTY
VP Research and Intelligence
Head of X-Labs, Forcepoint
AI 4 Cyber | April 2019 | New York City

A BRIEF SUMMARY
We don’t have artificial intelligence (yet)
Algorithms can be dangerous - Understand your data and your
algorithms
Build systems that capture “expert knowledge” and augment human
capabilities
Escape the cat and mouse game between attackers and security
Copyright © 2019 Raffael Marty. | 2

RAFFAEL MARTY
Sophos
PixlCloud
Loggly
Splunk
ArcSight
IBM Research
Security Visualization
Big Data
ML & AI
SIEM
Corp Strategy
Leadership
Zen
Copyright © 2019 Raffael Marty | 3

BEAT WORLD
CHAMPION AT GO
DESIGN MORE
EFFECTIVE DRUGS
MAKE SIRI
SMARTER
ARTIFICIAL INTELLIGENCE
Deep
Learning
Statistics
Unsupervised
Machine
Learning
Natural
Language
Processing

THE DANGERS OF AI SECURITY EXAMPLES
Fooling Facial Recognition
Hack Crash Tweet
Blacklisting of
Windows Executable
Pentagon AI Fail
Algorithm Bias
NOTIFY_SOCKET=/run/syst
emd/notify systemd-notify ""
Data Biases

WHAT MAKES ALGORITHMS DANGEROUS?
Algorithms make assumptions about the data.
Algorithms are too easy to use.
Algorithms do not take domain knowledge into account.
History is not a predictor of the future.
Copyright © 2019 Raffael Marty. | 6

UNDERSTAND YOUR DATA
dest port!
Port 70000?
src ports!
http://vis.pku.edu.cn/people/simingchen/docs/vastchallenge13-mc3.pdf

CHOOSING THE CORRECT ALGORITHM PARAMETERS
The dangers of not understanding algorithmic parameters
t-SNE clustering of network traffic from two types of machines
perplexity = 3
epsilon = 3
No clear separation
perplexity = 3
epsilon = 19
3 clusters instead of 2
perplexity = 93
epsilon = 19
What a mess
Copyright © 2019 Raffael Marty. | 8

INTELLIGENCE Expert KnowledgeSecurity Graph
DETECTION COMPONENTS
RISK-ADAPTIVE PROTECTION
ADDING THE INTELLIGENCE INTO AI
CYBER BEHAVIOR CATALOG

IOCs to
Behaviors
IOCs / Traditional Threat Intel Behavior
ESCAPING THE SECURITY CAT AND MOUSE GAME
CnC
Bot
Bot
IOC: Compromised IP addresses
• Characterizing machine and human behavior
• Leverage risk-based approaches
• From reactive to proactive
• From detection to protection / automation
Behavior: Botnet characteristics
Traffic size: 200-350bytes
Periodicity: 2 minutes
Jitter: 12 seconds
IPv4 proto: 6
App protocol: HTTPS

TAKEAWAYS
“Algorithms are getting ‘smarter’,
but experts are more important”
“Understand your data, your algorithms,
and your data science process”
“History is not a predictor
– but knowledge can be”

http://slideshare.net/zrlram
@raffaelmarty
QUESTIONS?
Copyright © 2019 Raffael Marty. | 15

What's hot

Machine Learning (ML) and Artificial Intelligence (AI) have been proclaimed as perhaps the next great leap in human quality of life, as well as a potential reason for our extinction. Somewhere in between lies how ML & AI can potentially improve our Cyber Security efforts. But are ML & AI a true panacea or merely the next shiny trinket for the cyber industry to fixate on? In this webinar we will explore: How ML & AI are currently being utilized in cyber security efforts. What is working and what has not worked What is on the both the short term and near-term horizon for ML &AI Practical steps you can take now to begin leveraging these technologies to tangibly improve your cyber security posture Join our panel of industry experts as we explore this brave new frontier in cyber security with a candid look cutting through the hype.

How Machine Learning & AI Will Improve Cyber Security

DevOps.com

With the rise of automation and artificial intelligence, you may be wondering how much of an impact this has on IT security. The question is, where will the future of machine learning and AI in cybersecurity take us and what are the limitations and advantages this technology offers in defending against the insider threat? Join us to find out more about AI and where you should be applying it right now. Learning outcomes: The current state of AI practice and research, and how this is impacting its use in cyber security What the current strengths and weaknesses are with existing AI approaches What next generation AI will deliver for us with regards to ensuring we can promptly detect and respond to security incidents

AI In Cybersecurity – Challenges and Solutions

ZoneFox

Challenges in Applying AI to Enterprise Cybersecurity

Tahseen Shabab

This 20 minute talk was delivered by Forcepoint Principal Security Analyst Carl Leonard at Infosecurity Europe 2018. Delivered to the Strategy track this talk provides a review of the macro trends affecting businesses today, reviews root cause of standout data breaches, highlights the security risk presented by employees, and offers guidance on how to protect your business from specific root causes.

One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...

Forcepoint LLC

Every single security company is talking about how they are using machine learning—as a security company you have to claim artificial intelligence to be even part of the conversation. However, this approach can be dangerous when we blindly rely on algorithms to do the right thing. Rather than building systems with actual security knowledge, companies are using algorithms that nobody understands and, in turn, discovering wrong insights. In this session, we will discuss: • Limitations of machine learning and issues of explainability • Where deep learning should never be applied • Examples of how the blind application of algorithms can lead to wrong results

AI and ML in Cybersecurity

Forcepoint LLC

The cyber security industry has spent trillions of dollars to keep external attackers at bay. To what effect? We still don't see an end to the cat and mouse game between attackers and the security industry; zero day attacks, new vulnerabilities, ever increasingly sophisticated attacks, etc. We need a paradigm shift in security. A shift away from traditional threat intelligence and indicators of compromise (IOCs). We need to look at understanding behaviors. Those of devices and those of humans. What are the security approaches and trends that will make an actual difference in protecting our critical data and intellectual property; not just from external attackers, but also from malicious insiders? We will explore topics from the 'all solving' artificial intelligence to risk-based security. We will look at what is happening within the security industry itself, where startups are putting placing their bets, and how human factors will play an increasingly important role in security, along with all of the potential challenges that will create.

Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?

Raffael Marty

Actionable Threat Intelligence

OWASP Delhi

Cybersecurity with AI - Ashrith Barthur

Sri Ambati

It's an interesting exercise to look back to the year 2000 to see how we approached cyber security. We just started to realize that data might be a useful currency, but for the most part, security pursued preventative avenues, such as firewalls, intrusion prevention systems, and anti-virus. With the advent of log management and security incident and event management (SIEM) solutions we started to gather gigabytes of sensor data and correlate data from different sensors to improve on their weaknesses and accelerate their strengths. But fundamentally, such solutions didn't scale that well and struggled to deliver real security insight. Today, cybersecurity wouldn't work anymore without large scale data analytics and machine learning approaches, especially in the realm of malware classification and threat intelligence. Nonetheless, we are still just scratching the surface and learning where the real challenges are in data analytics for security. This talk will go on a journey of big data in cybersecurity, exploring where big data has been and where it must go to make a true difference. We will look at the potential of data mining, machine learning, and artificial intelligence, as well as the boundaries of these approaches. We will also look at both the shortcomings and potential of data visualization and the human computer interface. It is critical that today's systems take into account the human expert and, most importantly, provide the right data.

Delivering Security Insights with Data Analytics and Visualization

Raffael Marty

Visualizing Threats: Network Visualization for Cyber Security

Cambridge Intelligence

Threat Intelligence Workshop

Priyanka Aash

Link to the video of the presentation: https://www.youtube.com/watch?v=WG1k-Xh1TqM Every single security company is talking in some way or another about how they are applying machine learning. Companies go out of their way to make sure they mention machine learning and not statistics when they explain how they work. Recently, that's not enough anymore either. As a security company you have to claim artificial intelligence to be even part of the conversation. Guess what. It's all baloney. We have entered a state in cyber security that is, in fact, dangerous. We are blindly relying on algorithms to do the right thing. We are letting deep learning algorithms detect anomalies in our data without having a clue what that algorithm just did. In academia, they call this the lack of explainability and verifiability. But rather than building systems with actual security knowledge, companies are using algorithms that nobody understands and in turn discover wrong insights. In this talk, I will show the limitations of machine learning, outline the issues of explainability, and show where deep learning should never be applied. I will show examples of how the blind application of algorithms (including deep learning) actually leads to wrong results. Algorithms are dangerous. We need to revert back to experts and invest in systems that learn from, and absorb the knowledge, of experts.

AI & ML in Cyber Security - Why Algorithms are Dangerous

Raffael Marty

The #CyberAvengers' Paul Ferrillo (a/k/a Director Fury) and Shawn Tuma (a/k/a Hulk) presented at the Practical Cybersecurity Risk Management Strategies program of the New Jersey State Bar Association (NJSBA) Cybersecurity Institute on November 17, 2017. In this presentation, Fury and Hulk focused the core #CyberAvengers message of the real-life cybersecurity issues facing most companies -- the basics of good cyber hygiene -- and explained how artificial intelligence and machine learning will help companies do a better job at getting these right, along with how and why AI/ML play a critical role in the future of cybersecurity.

#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm

Shawn Tuma

For decades, the security profession has relied on the best technology we had at the time to deflect the onslaught of what we faced daily in the way of virus and malware attacks. Now, as predicted by Thomas Kuhn in his book “The Structure of Scientific Revolutions, we’re seeing the dawn of a new day where AI’s machine learning and advanced mathematical algorithms now offer validated deflection rates, pre-execution, in the realm of 99%. This session will explore this new paradigm and how it will impact our future. Main points covered: • How did our profession change in the world of reactive detection? • How to escape the inertia that held us, prisoners? • What is the power of AI and machine learning? • What are the risks of this new technology? Presenter: Our presenter for this webinar, John McClurg serves as Vice President and Ambassador-At-Large of Cylance, where he is responsible for building Security and Trust programs & operational excellence efforts. Prior to Cylance, he served as the CSO of Dell, Honeywell, and Lucent and in the U.S. Intelligence Community, as a twice-decorated member of the Federal Bureau of Investigation (FBI). He also served as a Deputy Branch Chief of CIA where he helped to establish the new Counterespionage Group and was responsible for the management of complex counterespionage investigations. McClurg was voted one of America’s 25 most influential security professionals. Organizer: Ardian Berisha Date: October 25th, 2018 Recorded webinar link:

The Future of Security: How Artificial Intelligence Will Impact Us

PECB

“AI is the new electricity” proclaims Andrew Ng, co-founder of Google Brain. Just as we need to know how to safely harness electricity, we also need to know how to securely employ AI to power our businesses. In some scenarios, the security of AI systems can impact human safety. On the flip side, AI can also be misused by cyber-adversaries and so we need to understand how to counter them. This talk will provide food for thought in 3 areas: Security of AI systems Use of AI in cybersecurity Malicious use of AI

AI and Cybersecurity - Food for Thought

NUS-ISS

AI is the simulation of human intelligence processes by machines, especially computer systems. These processes include learning, reasoning, and self-correction. Integrating it with Cybersecurity is beneficial because it improves how security experts analyze, study, and understand cyber-crime. In this talk, we will discuss & explain AI and how to integrate it with Cybersecurity to detect many types of attacks. The talk will cover many applications in Cybersecurity in which we can apply AI to improve those applications. Finally, I will present a demo on how to build your development environment with some scripting examples.

The good, the bad, and the ugly on integration ai with cybersecurity

Mohammad Khreesha

Threat intelligence is knowledge that allows you to prevent or mitigate cyberattacks. Rooted in data, threat intelligence gives you context that helps you make informed decisions about your security by answering questions like who is attacking you, what their motivations and capabilities are, and what indicators of compromise in your systems to look for. reference:https://www.recordedfuture.com/threat-intelligence-definition/

Threat intelligence in security

Osama Ellahi

Threat Intelligence

Deepak Kumar (D3)

AI and Machine Learning In Cybersecurity | A Saviour or Enemy?

SahilRao25

Sans cyber-threat-intelligence-survey-2015

Roy Ramkrishna

What's hot (20)

How Machine Learning & AI Will Improve Cyber Security

AI In Cybersecurity – Challenges and Solutions

Challenges in Applying AI to Enterprise Cybersecurity

One Year After WannaCry - Has Anything Changed? A Root Cause Analysis of Data...

AI and ML in Cybersecurity

Cyber Security Beyond 2020 – Will We Learn From Our Mistakes?

Actionable Threat Intelligence

Cybersecurity with AI - Ashrith Barthur

Delivering Security Insights with Data Analytics and Visualization

Visualizing Threats: Network Visualization for Cyber Security

Threat Intelligence Workshop

AI & ML in Cyber Security - Why Algorithms are Dangerous

#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm

The Future of Security: How Artificial Intelligence Will Impact Us

AI and Cybersecurity - Food for Thought

The good, the bad, and the ugly on integration ai with cybersecurity

Threat intelligence in security

Threat Intelligence

AI and Machine Learning In Cybersecurity | A Saviour or Enemy?

Sans cyber-threat-intelligence-survey-2015

Similar to Understanding the "Intelligence" in AI

Every single security company is talking in some way or another about how they are applying machine learning. Companies go out of their way to make sure they mention machine learning and not statistics when they explain how they work. Recently, that's not enough anymore either. As a security company you have to claim artificial intelligence to be even part of the conversation. Guess what. It's all baloney. We have entered a state in cyber security that is, in fact, dangerous. We are blindly relying on algorithms to do the right thing. We are letting deep learning algorithms detect anomalies in our data without having a clue what that algorithm just did. In academia, they call this the lack of explainability and verifiability. But rather than building systems with actual security knowledge, companies are using algorithms that nobody understands and in turn discover wrong insights. In this talk, I will show the limitations of machine learning, outline the issues of explainability, and show where deep learning should never be applied. I will show examples of how the blind application of algorithms (including deep learning) actually leads to wrong results. Algorithms are dangerous. We need to revert back to experts and invest in systems that learn from, and absorb the knowledge, of experts.

AI & ML in Cyber Security - Why Algorithms are Dangerous

Priyanka Aash

IRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdf

IRJET Journal

Artificial Intelligence Techniques for Cyber Security

IRJET Journal

AI: The New Player in Cybersecurity (Nov. 08, 2023)

Takeshi Takahashi

CIS AIML Beginners Series Part 1

Council Of Information Security

IRJET- Intervention of Artificial Intelligence in Cyber Security

IRJET Journal

The management of AI systems is a shared responsibility. By implementing the ISO 31000 Framework and complying with emerging regulations like the EU ACT, we can jointly create a more reliable, secure, and trustworthy AI ecosystem. Amongst others, the webinar covers: • Understanding AI and the regulatory landscape • AI and the threat landscape • A risk driven approach to AI assurance - based on ISO 31000 principles • Stress testing to evaluate risk exposure Presenters: Chris Jefferson Chris is the Co-Founder and CTO at Advai. As the Co-Founder of Advai, Chris is working on the application of defensive techniques to help protect AI and Machine Learning applications from being exploited. This involves work in DevOps and MLOps to create robust and consistent products that support multiple platforms, such as cloud, local, and edge. Nick Frost Nick Frost is Co-founder and Lead Consultant at CRMG. Nick’s career in cyber security spanning nearly 20 years. Most recently Nick has held leadership roles at PwC as Group Head of Information Risk and at the Information Security Forum (ISF) as Principal Consultant. In particular Nick was Group Head of Information Risk for PwC designing and implementing best practice solutions that made good business sense that prioritized key risks to the organisation and helped minimize disruption to ongoing operations. Whilst at the ISF Nick led their information risk projects and delivered many of the consultancy engagements to help organisations implement leading thinking in information risk management. Nicks combined experience as a cyber risk researcher and practitioner designing and implementing risk based solutions places him as a leading cyber risk expert. Prior to cyber security and after graduating from UCNW and Oxford Brookes Nick was a geophysicist in the Oil and Gas Industry. Date: August 24, 2023 ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/en/education-and-certification-for-individuals/iso-31000 Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/MXnHC6AvjXc

Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations

PECB

Artificial Intelligence in cybersecurity

SmartlearningUK

Artificial Intelligence and Cybersecurity

Olivier Busolini

Today, automation plays a larger role in cyber-security than ever before – for both sides, the attackers and the defenders. The escalation in volume and sophistication of attacks, constantly evolving cloud environments and transition to a remote workforce are putting additional pressure on organizations to transform Security Operations and Defense Centers. Since the advent of automation and ML/AI technologies and their promised impact to transform incident response processes and threat hunting capabilities, what lessons have we learnt in ‘fine tuning’ process flows and automations in SecOps? - Moving beyond the marketing hype, how is automation actually serving attackers and defenders today and what trends are happening here? - What are the lessons learned – the good, bad and ugly – in automating security operations processes? - Is there a right path to automation and what are the alternatives?

Cyber Defense Automation

♟Sergej Epp

9.-Vectra._Managing-Cyber-Risk-by-applying-AI-to-automate-threat-hunting.pptx

PhmNam55

Artificial Intelligence (AI) and Machine Learning (ML) technologies have many positive applications, from helping researchers better understand neural pathways in the brain to assisting law enforcement with identifying suspects in criminal investigations. They are renowned for the greater good of cybersecurity. However, these technologies also hold the potential to ruin our perfectly running digital world and become a source of power to the dark web users/administrators. If you’re not familiar with how AI and ML might impact cybersecurity, this blog will discuss both sides of the coin and help you better understand how this technology might affect you one day soon. Under the right hands, they are a boon to humanity, but they can quickly turn into a bane on the corrupt hands. As for now, upgrade your security with these technologies to stay in the competition. Connect with a Machine Learning company in India to maximize your cybersecurity. https://bit.ly/3rrYI3J #cybersecurity #aiincybersecurity #mlincybersecurity #machinelearningincybersecurity #artificialintelligenceincybersecurity #hireaidevelopers #machinelearningcompaniesinindia #machinelearningdevelopmentcompany #machinelearningdevelopmentservices #topmachinelearningcompanies

Top Positive and Negative Impacts of AI & ML on Cybersecurity

Pixel Crayons

Cyber Security & Data Protection India Summit 2018 aims to convene the best minds in Cybersecurity under one roof to create an interactive milieu for exchange of knowledge and ideas. The event will endeavour to address the emerging and continuing threats to Cybersecurity and its changing landscape, as well as respond to increasing risk of security breaches and security governance, application security, cloud based security, Network, Mobile and endpoint security and other cyber risks in the India and abroad.

Combating Cyber Security Using Artificial Intelligence

Inderjeet Singh

Security in the age of Artificial Intelligence

Faction XYZ

I will talk about innovation in the area of cyber security analytics - developing machine learning methods to detect and block cyber attacks (e.g. detecting ransomware within 4 seconds of execution and killing the underlying processes). Rather than just focusing on this as a 'black box', I'll pull it apart and talk about how we can use these methods to enable security practitioners (SOC/CIRT etc) to ask and answer questions about 'what' and 'why' these methods are flagging attacks. I'll also talk about resilience of machine learning methods to manipulation and adversarial attacks - how stable these approaches are to diversity and evolution of malware for example.

AI for Cybersecurity Innovation

Pete Burnap

PaloAlto Enterprise Security Solution

Prime Infoserv

The information security industry is a fast-paced ever-transforming field, which in the past couple of years with the influx of off-the-shelf malware, advance exploit kits and paid DDoS services has seen an increase in the importance of timely, proactive response. To enable the organization to successfully mount an impregnable defense, the need of the hour is to capture, analyze and provide actionable information that can be used to safeguard the organization. Enter ‘Cyber Threat intelligence’. Cyber Threat Intelligence is a new yet massively evolving domain in information security today. Since the beginning of time, Information (Knowledge) has always been regarded as a critical form of an advantage in any strategy-making process. CTI over the years has rolled from a previously perceived set of skills and techniques to a well-defined framework with the new infused market requirements spawning from the recent threat activities in the ever-changing IT landscape which has bought sophisticated attacks such as State-sponsored cyber-attacks, Ransomware, APT’s, Zero-days and Hacktivism that is now at the very doorstep of government, big & small corporations alike.

Need for Threat Intelligence & How to Operationalize it for your Organisation.

Aditya Mukherjee Information Security

icon-aiincs-obusolini201809131800-190310184140.pptx

yugandharadahiphale2

icon-aiincs-obusolini201809131800-190310184140.pptx

yugandharadahiphale2

A presentation given in April 2019 in London during ICS Cyber Security Conference. I discuss an anonymized investigation conducted by our team to identify a real malware infection on a production network, the tools and techniques used to contain this threat and how to use threat intelligence and visibility to stay ahead of cyber adversaries. Asset visibility and network baselining Continuous network monitoring Threat intelligence ingestion Thorough incident response plans

Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks

Angeloluca Barba

Similar to Understanding the "Intelligence" in AI (20)

AI & ML in Cyber Security - Why Algorithms are Dangerous

IRJET-https://www.irjet.net/archives/V5/i3/IRJET-V5I377.pdf

Artificial Intelligence Techniques for Cyber Security

AI: The New Player in Cybersecurity (Nov. 08, 2023)

CIS AIML Beginners Series Part 1

IRJET- Intervention of Artificial Intelligence in Cyber Security

Managing ISO 31000 Framework in AI Systems - The EU ACT and other regulations

Artificial Intelligence in cybersecurity

Artificial Intelligence and Cybersecurity

Cyber Defense Automation

9.-Vectra._Managing-Cyber-Risk-by-applying-AI-to-automate-threat-hunting.pptx

Top Positive and Negative Impacts of AI & ML on Cybersecurity

Combating Cyber Security Using Artificial Intelligence

Security in the age of Artificial Intelligence

AI for Cybersecurity Innovation

PaloAlto Enterprise Security Solution

Need for Threat Intelligence & How to Operationalize it for your Organisation.

icon-aiincs-obusolini201809131800-190310184140.pptx

Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks

More from Raffael Marty

Exploring the Defender's Advantage

Raffael Marty

Extended Detection and Response, or XDR for short, is one of the acronyms that are increasingly used by cybersecurity vendors to explain their approach to solving the cyber security problem. We have been spending trillions of dollars on approaches to secure our systems and data, with what success? Cybersecurity is still one of the biggest and most challenging areas that companies, small and large, are dealing with. XDR is another approach driven by security vendors to solve this problem. The challenge is that every vendor defines XDR slightly differently and makes it fit their own “challenge du jour” for marketing and selling their products. In this presentation we will demystify the XDR acronym and put a working model behind it. Together, we will explore why XDR is a fabulous concept, but also discover that it’s nothing revolutionarily new. With an MSP lens, we will explore what the XDR benefits are for small and medium businesses and what it means to the security strategy of both MSPs and their clients. The audience will leave with a clear understanding of what XDR is, how the technology matters to them, and how XDR will ultimately help them secure their customers and enable trusted commerce.

Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...

Raffael Marty

Blog Post: http://raffy.ch/blog. - Video: https://youtu.be/nk5uz0VZrxM In this video we talk about the world of security data or log data. In the first section, we dive into a bit of a history lesson around log management, SIEM, and big data in security. We then shift to the present to discuss some of the challenges that we face today with managing all of that data and also discuss some of the trends in the security analytics space. In the third section, we focus on the future. What does tomorrow hold in the SIEM / security data space? What are some of the key features we will see and how does this matter to the user of these approaches.

How To Drive Value with Security Data

Raffael Marty

Every single security company is talking in some way or another about how they are applying machine learning. Companies go out of their way to make sure they mention machine learning and not statistics when they explain how they work. Recently, that's not enough anymore either. As a security company you have to claim artificial intelligence to be even part of the conversation. Guess what. It's all baloney. We have entered a state in cyber security that is, in fact, dangerous. We are blindly relying on algorithms to do the right thing. We are letting deep learning algorithms detect anomalies in our data without having a clue what that algorithm just did. In academia, they call this the lack of explainability and verifiability. But rather than building systems with actual security knowledge, companies are using algorithms that nobody understands and in turn discover wrong insights. In this talk I will show the limitations of machine learning, outline the issues of explainability, and show where deep learning should never be applied. I will show examples of how the blind application of algorithms (including deep learning) actually leads to wrong results. Algorithms are dangerous. We need to revert back to experts and invest in systems that learn from, and absorb the knowledge, of experts.

AI & ML in Cyber Security - Why Algorithms Are Dangerous

Raffael Marty

Ensuring security of a company’s data and infrastructure has largely become a data analytics challenge. It is about finding and understanding patterns and behaviors that are indicative of malicious activities or deviations from the norm. Data, Analytics, and Visualization are used to gain insights and discover those malicious activities. These three components play off of each other, but also have their inherent challenges. A few examples will be given to explore and illustrate some of these challenges,

Security Insights at Scale

Raffael Marty

The security industry is talking a lot about threat intelligence; external information that a company can leverage to understand where potential threats are knocking on the door and might have already perpetrated the network boundaries. Conversations with many CERTs have shown that we have to stop relying on knowledge about how attacks have been conducted in the past and start ‘hunting’ for signs of compromises and anomalies in our own environments. In this presentation we explore how the decade old field of security visualization has emerged. We show how we have applied advanced analytics and visualization to create our own threat intelligence and investigated lateral movement in a Fortune 50 company. Visualization. Data science. No machine learning. But pretty pictures.What is internal threat intelligence? Check out http://www.darkreading.com/analytics/creating-your-own-threat-intel-through-hunting-and-visualization/a/d-id/1321225

Creating Your Own Threat Intel Through Hunting & Visualization

Raffael Marty

The security industry is talking a lot about threat intelligence; external information that a company can leverage to understand where potential threats are knocking on the door and might have already perpetrated the network boundaries. Conversations with many CERTs have shown that we have to stop relying on knowledge about how attacks have been conducted in the past and start 'hunting' for signs of compromises and anomalies in our own environments. In this presentation we explore how the decade old field of security visualization has emerged. We show how we have applied advanced analytics and visualization to create our own threat intelligence and investigated lateral movement in a Fortune 50 company. Visualization. Data science. No machine learning. But pretty pictures. Here is a blog post I wrote a bit ago about the general theme of internal threat intelligence: http://www.darkreading.com/analytics/creating-your-own-threat-intel-through-hunting-and-visualization/a/d-id/1321225?

Creating Your Own Threat Intel Through Hunting & Visualization

Raffael Marty

The extent and impact of recent security breaches is showing that current security approaches are just not working. But what can we do to protect our business? We have been advocating monitoring for a long time as a way to detect subtle, advanced attacks that are still making it through our defenses. However, products have failed to deliver on this promise. Current solutions don't scale in both data volume and analytical insights. In this presentation we will explore what security monitoring is. Specifically, we are going to explore the question of how to visualize a billion log records. A number of security visualization examples will illustrate some of the challenges with big data visualization. They will also help illustrate how data mining and user experience design help us get a handle on the security visualization challenges - enabling us to gain deep insight for a number of security use-cases.

Visualization in the Age of Big Data

Raffael Marty

Big Data Visualization

Raffael Marty

The extent and impact of recent security breaches is showing that current approaches are just not working. But what can we do to protect our business? We have been advocating monitoring for a long time as a way to detect subtle, advanced attacks. However, products have failed to deliver on this promise. Current solutions don't scale in both data volume and analytical insights. In this presentation we will explore why it is so hard to come up with a security monitoring (or shall we call it security intelligence) approach that helps find sophisticated attackers in all the data collected. We are going to explore the question of how to visualize a billion events. We are going to look at a number of security visualization examples to illustrate the problem and some possible solutions. These examples will also help illustrate how data mining and user experience design help us get a handle of the security visualization challenges - enabling us to gain deep insight for a number of security use-cases.

The Heatmap  - Why is Security Visualization so Hard?

Raffael Marty

Big Data is the latest hype in the security industry. We will have a closer look at what big data is comprised of: Hadoop, Spark, ElasticSearch, Hive, MongoDB, etc. We will learn how to best manage security data in a small Hadoop cluster for different types of use-cases. Doing so, we will encounter a number of big-data open source tools, such as LogStash and Moloch that help with managing log files and packet captures. As a second topic we will look at visualization and how we can leverage visualization to learn more about our data. In the hands-on part, we will use some of the big data tools, as well as a number of visualization tools to actively investigate a sample data set.

Workshop: Big Data Visualization for Security

Raffael Marty

Vision is a human’s dominant sense. It is the communication channel with the highest bandwidth into the human brain. Security tools and applications need to make better use of information visualization to enhance human computer interactions and information exchange. In this talk we will explore a few basic principles of information visualization to see how they apply to cyber security. We will explore both visualization as a data presentation, as well as a data discovery tool. We will address questions like: What makes for effective visualizations? What are some core principles to follow when designing a dashboard? How do you go about visually exploring a terabyte of data? And what role do big data and data mining play in security visualization? The presentation is filled with visualizations of security data to help translate the theoretical concepts into tangible applications.

Visualization for Security

Raffael Marty

This presentation explores why it is so hard to come up with a security monitoring (or shall we call it security intelligence) approach that helps find sophisticated attackers in all the data collected. It explores the question of how to visualize a billion events. To do so, the presentation dives deeply into heatmaps - matrices - as an example of a simple type of visualization. While these heatmaps are very simple, they are incredibly versatile and help us think about the problem of security visualization. They help illustrate how data mining and user experience design help get a handle of the security visualization challenges - enabling us to gain deep insight for a number of security use-cases.

The Heatmap  - Why is Security Visualization so Hard?

Raffael Marty

DAVIX - Data Analysis and Visualization Linux

Raffael Marty

Cloud - Security - Big Data

Raffael Marty

Video can be found at: http://youtu.be/CEAMF0TaUUU In the Cyber Security domain, we have been collecting ‘big data’ for almost two decades. The volume and variety of our data is extremely large, but understanding and capturing the semantics of the data is even more of a challenge. Finding the needle in the proverbial haystack has been attempted from many different angles. In this talk we will have a look at what approaches have been explored, what has worked, and what has not. We will see that there is still a large amount of work to be done and data mining is going to play a central role. We’ll try to motivate that in order to successfully find bad guys, we will have to embrace a solution that not only leverages clever data mining, but employs the right mix between human computer interfaces, data mining, and scalable data platforms.

Cyber Security – How Visual Analytics Unlock Insight

Raffael Marty

AfterGlow is a script that assists with the visualization of log data. It reads CSV files and converts them into a Graph description. Check out http://afterglow.sf.net for more information also. This short presentation gives an overview of AfterGlow and outlines the features and capabilities of the tool. It discusses some of the harder to understand features by showing some configuration examples that can be used as a starting point for some more sophisticated setups. AftterGlow is one the most downloaded security visualization tools with over 17,000 downloads.

AfterGlow

Raffael Marty

Supercharging Visualization with Data Mining

Raffael Marty

Security Visualization - Let's Take A Step Back

Raffael Marty

Big data and security intelligence are the two hot security topics in 2012. We are collecting more and more information from both the infrastructure, but increasingly also directly from our applications. Some companies are moving away from traditional log management and SIEM tools and are deploying big data products. But what is this big data craze all about? Why is it that we have more and more data to look at? And is big data the right approach or what is missing? The presentation takes the audience on a journey through big data tools and show that analytical tools are needed to make use of these infrastructures. How can visualization be used to fill in the gap in analytics to move into gaining situational awareness and building up security intelligence.

Visual Analytics and Security Intelligence

Raffael Marty

More from Raffael Marty (20)

Exploring the Defender's Advantage

Extended Detection and Response (XDR)An Overhyped Product Category With Ulti...

How To Drive Value with Security Data

AI & ML in Cyber Security - Why Algorithms Are Dangerous

Security Insights at Scale

Creating Your Own Threat Intel Through Hunting & Visualization

Visualization in the Age of Big Data

Big Data Visualization

The Heatmap  - Why is Security Visualization so Hard?

Workshop: Big Data Visualization for Security

Visualization for Security

The Heatmap  - Why is Security Visualization so Hard?

DAVIX - Data Analysis and Visualization Linux

Cloud - Security - Big Data

Cyber Security – How Visual Analytics Unlock Insight

AfterGlow

Supercharging Visualization with Data Mining

Security Visualization - Let's Take A Step Back

Visual Analytics and Security Intelligence

Recently uploaded

www.seribangash.com The Mariana Trench is one of the most remarkable geological features on Earth. Here are some details about it: Location: The Mariana Trench is located in the western Pacific Ocean, east of the Mariana Islands. It stretches for about 2,550 kilometers (1,580 miles) and is known as the deepest part of the world's oceans. Depth: The trench reaches incredible depths, with its deepest point known as the Challenger Deep, which plunges down to approximately 10,984 meters (36,037 feet) below sea level. To put this into perspective, if Mount Everest, the tallest mountain on Earth, were placed at the bottom of the Challenger Deep, its peak would still be over 2 kilometers (1.25 miles) underwater. Formation: The Mariana Trench was formed by the subduction of the Pacific Plate beneath the Mariana Plate. This process creates a deep trench as the heavier Pacific Plate is forced beneath the lighter Mariana Plate. Geological Features: The trench is characterized by steep, V-shaped valleys, and its walls are composed of highly compressed sedimentary rock. At the bottom of the trench, there are also large amounts of marine sediment. Pressure: The pressure at the bottom of the Mariana Trench is immense, reaching over 1,000 times the pressure at the surface. This extreme pressure creates a challenging environment for exploration and makes it difficult for organisms to survive. Exploration: Despite its extreme conditions, the Mariana Trench has been the subject of numerous scientific expeditions and explorations. One of the most famous explorations was the dive to the Challenger Deep by Swiss scientist Jacques Piccard and U.S. Navy Lieutenant Don Walsh in 1960. More recently, in 2012, filmmaker James Cameron made a solo dive to the bottom of the Challenger Deep in the Deepsea Challenger submersible. Biological Discoveries: Despite the harsh conditions, the Mariana Trench is home to a surprising variety of life forms, including unique species of deep-sea fish, crustaceans, and microbial life. Some organisms have adapted to survive in the extreme pressure and darkness of the trench. Environmental Importance: Studying the Mariana Trench provides valuable insights into the geology, biology, and oceanography of the deep sea. It also helps scientists better understand the processes that shape the Earth's crust and the distribution of life in the oceans. Conservation: Due to its remote location and extreme depths, the Mariana Trench has remained relatively untouched by human activity. However, there is growing concern about the potential impacts of deep-sea mining and pollution on this fragile ecosystem, highlighting the need for conservation efforts to protect this unique environment. https://seribangash.com/barber-shop-business-complete-guide-for-beginners/ https://seribangash.com/legend-virat-kohli-in-cricket-history/

The Mariana Trench remarkable geological features on Earth.pptx

seri bangash

Site Acceptance Test .

Poonam Aher Patil

Justdial Call Girls In Indirapuram, Ghaziabad, 8800357707 Escorts Service Best High Class call girls Service Escorts Service in Home Hotel in Delhi NCR 24 Hours Available Service. We provide Super Class Hot and Sexy Indian Female Escorts Service, A to Z Body and Mind Satisfaction by Top Class Female Models in Delhi Gurgaon Noida NCR in Hotel 24hrs In Call and Out Call Service At Lowest Price. We Have Indian Punjabi Kashmiri Northeast Every Type Sexy Bold Beautiful Young Soft Cute Charming Female Escorts Available. Hygienic Full AC Neat and Clean Rooms Avail. In Hotel 24hrs in Delhi NCR

Justdial Call Girls In Indirapuram, Ghaziabad, 8800357707 Escorts Service

monikaservice1

Forensic Biology & Its biological significance.pdf

rohankumarsinghrore1

High Class Escorts in Hyderabad ₹7.5k Pick Up & Drop With Cash Payment 969456...

chandars293

Digital Dentistry.Digital Dentistryvv.pptx

MohamedFarag457087

Bacterial Identification and Classifications

Areesha Ahmad

FAIRSpectra - Enabling the FAIRification of Spectroscopy and Spectrometry

Alex Henderson

Theoretical predictions and observational data indicate a class of sub-Neptune exoplanets may have water-rich interiors covered by hydrogen-dominated atmospheres. Provided suitable climate conditions, such planets could host surface liquid oceans. Motivated by recent JWST observations of K2-18 b, we self-consistently model the photochemistry and potential detectability of biogenic sulfur gases in the atmospheres of temperate sub-Neptune waterworlds for the first time. On Earth today, organic sulfur compounds produced by marine biota are rapidly destroyed by photochemical processes before they can accumulate to significant levels. Domagal-Goldman et al. suggest that detectable biogenic sulfur signatures could emerge in Archean-like atmospheres with higher biological production or low UV flux. In this study, we explore biogenic sulfur across a wide range of biological fluxes and stellar UV environments. Critically, the main photochemical sinks are absent on the nightside of tidally locked planets. To address this, we further perform experiments with a 3D general circulation model and a 2D photochemical model (VULCAN 2D) to simulate the global distribution of biogenic gases to investigate their terminator concentrations as seen via transmission spectroscopy. Our models indicate that biogenic sulfur gases can rise to potentially detectable levels on hydrogen-rich water worlds, but only for enhanced global biosulfur flux (20 times modern Earth’s flux). We find that it is challenging to identify DMS at 3.4 μm where it strongly overlaps with CH4, whereas it is more plausible to detect DMS and companion byproducts, ethylene (C2H4) and ethane (C2H6), in the mid-infrared between 9 and 13 μm. Unified Astronomy Thesaurus concepts: Exoplanet atmospheres (487); Exoplanet

Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds

Sérgio Sacani

Mustard, as a crop, is susceptible to a variety of pests that can affect its growth and yield. Here’s a rundown of some common pests that target mustard plants: Aphids: These small, sap-sucking insects can cause significant damage by feeding on the leaves and stems. Aphids also excrete a sticky substance known as honeydew, which can lead to the growth of sooty mold on the plants. Flea Beetles: These tiny beetles jump like fleas when disturbed and chew small holes in the leaves. They are particularly damaging in the early growth stages of the plant. Cabbage Loopers: The larvae of a type of moth, these caterpillars are known for their distinctive looping movement. They chew large holes in the leaves and can defoliate plants if present in large numbers. Diamondback Moth Larvae: Another caterpillar pest, these larvae chew small holes in the leaves and can cause extensive damage, especially when infestations are heavy. Whiteflies: These are tiny, winged insects that feed on plant sap and can quickly become a problem in greenhouse or close planting conditions. Like aphids, they also secrete honeydew. Cutworms: These are the larvae of certain types of moths and are known for cutting young plants at the stem base at ground level. They are most destructive during the night. Root Maggots: The larvae of root maggot flies, these pests attack the roots of mustard plants, causing wilting and potentially killing young plants. Harlequin Bugs: These are colorful stink bugs that suck the sap from mustard plant stems and leaves, causing the leaves to become stippled, wilt, and eventually die if the infestation is severe. Mustard Sawfly: The larvae of the mustard sawfly can cause considerable defoliation, as they feed voraciously on the leaves. Clubroot: Caused by a fungus-like organism, clubroot affects the roots, causing them to swell and distort. While technically a disease, it is often associated with pest management because controlling it involves similar preventative strategies. Control Measures: Managing pests in mustard involves a combination of cultural, biological, and chemical methods. Crop rotation, resistant varieties, timely sowing, maintaining plant health, and using natural predators like ladybugs and parasitic wasps can help keep pest populations under control. Chemical pesticides should be used as a last resort due to their potential impact on the environment and non-target species.

Pests of mustard_Identification_Management_Dr.UPR.pdf

PirithiRaju

300003-World Science Day For Peace And Development.pptx

ryanrooker

(Vivek)Call Us, 8448380779,Call girls in Delhi NCr – We Offer best in class call girls. escort Service At Affordable Price At low Rate with Space Night 8000 We Are One Of The Oldest Escort and Call girls Agencies in Delhi. You Will Find That Our Female Escorts Are Full Of Fun, Sexy And They Would Love Enjoy Your Company. We Have A Fantastic Selection Of Escort Ladies Available For In-Calls As Well As Out-Calls. Our Escorts Are Not Only Beautiful But All Have Great Personalities Making Them The Perfect Companion For Any Occasion. In-Call:- You Can Come At Our Place in Delhi Our place Which Is Very Clean Hygienic 100% safe Accommodation. Out-Call:- You have To Come Pick The Girl From My Place We Are Also Provide Door Step Services (Delhi Ncr, Noida, Gurgaon, Faridabad, Ghaziabad Note:- Pic Collectors Time Passers Bargainers Stay Away As We Respect The Value For Your Money Time And Expect The Same From You Hygienic:- Full Ac room And Clean Rooms Available In Hotel 24 * 7 Hourly In Delhi NCR More Details, With WhatsApp Number, +91-8448380779

Connaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verified

Delhi Call girls

Call Girls Dubai Dubai Call Girls Agency +971525547819 Vip Call Girls Dubai Hot Call Girls Dubai Out Call Girls Dubai Best Call Girls Dubai Indian And Pakistani Call Girls Dubai Independent Call Girls Dubai Dubai Indian Call Girls Agency Class Call Girls In Dubai #First Class Call Girls In Dubai #Full Massage Services Call Girls In Dubai Full Night Call Girls Dubai Hourly Call Girls Dubai Call Girls Deira Dubai Dating Call Girls In Deira Dubai Silicon Oasis Call Girls Dubai International City Call Girls Dubai Al Jaddaf Al Satwa Al Quoz Al Barsha South Media City Discovery Garden Call Girls Dubai Al Jaffiliya,Business Bay,Al Karama,Bur Dubai,Deira,Dubai,Palm Jumeirah,Al Wasl,Trade Centre,Dubai Mall,JBR,JVC,JLT,Discovery Garden Al Nahda Call Girls Dubai Al Qusais Call Girls Dubai Dating Call Girls Dubai Dubai Call Girls Services Provide In Ajman_Dubai_RAK_UMQ_Fujairah_Abu_Dhabi#Indian #Tamil #Kerala #Russian #Philippine #Morocco #Thailand #English Models In Dubai #If You Want Serv#Dubai Pakistani Call Girls Agency #Beautiful Call Girls in Dubai #High ices Just Send Me Text On Whatsapp +971525547819 #Website Link http://Dubaicallgirls.pro https://chatwith.io/s/65d1df48b2992

Dubai Call Girls Beauty Face Teen O525547819 Call Girls Dubai Young

kajalvid75

Pulmonary drug delivery system M.pharm -2nd sem P'ceutics

sakshisoni2385

fruit fly, this slide mainly made for pumpkin fruit fly, this is also known as drosophila melangastor, this type of fruit fly destroyed the mainly vegetables crops. if you want to known examples this types of fly which is destroy the pumpkin, tomato, brinjal, potato, bottle guard, ridge guard, bitter guard, cucumber, water melon, musk melon, bean, long bean and other many vegetables which has fruits. they distryed fruit fly. thank you...

pumpkin fruit fly, water melon fruit fly, cucumber fruit fly

PRADYUMMAURYA1

Vip CALL GIRL IN Lonavala 9748763073❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL IN We are Providing :- ● – Private independent collage Going girls . ● – independent Models . ● – House Wife’s . ● – Private Independent House Wife’s ● – Corporate M.N.C Working Profiles . ● – Call Center Girls . ● – Live Band Girls . ●- Foreigners & Many More . Service type: 1.In call 2.out call 3. full Lip to Lip kiss 4.69 5.b-job without Condom 6. Hard Core sex & Much More. 7 Body to Body Touch 8 Kissing 9 Sucking Boobs and More 10 Enjoy by Hand 11 Relax By Oral 12 Sex with Happy Ending • In Call and Out Call Service • 3* 5* 7* Hotels Service • 24 Hours Available • Indian, Russian, Punjabi, Kashmiri Escorts • Real Models, College Girls, House Wife, Also Available • Short Time and Full Time Service Available • Hygienic Full AC Neat and Clean Rooms Avail. In Hotel 24 hours • Daily Escorts Staff Available • Minimum to Maximum Range Available.c

Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...

Monika Rani

Module for Grade 9 for Asynchronous/Distance learning

levieagacer

low price Call me 7857803690 100%genuine sexy VIP call girl safe service WhatsApp chat. 785780369 Normal call kijiye 7857803690 100% genuine young college girl and housewife Full enjoy open minded girl provide 24hour full cooperative model and full satisfactions☎️*78578//03690*⭐Escorts service █▬█⓿▀█▀ call girls and bhabhi available for room Sex and video call service A-1 HIGH CLASS CALL GIRLS TOP MODEL 24X7 HOME/HOTEL Call Girls Safe & Secure High Class Sm Affordable Rate 100% Satisfaction, Unlimited Enjoyment. Any Time for Model/Escort in High class luxury and premium

SAMASTIPUR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICE

ayushi9330

Just Call Vip call girls Srinagar Jammu Kashmir Escorts ☎️ 8617697112 Starting From 5K to 15K High Profile Escorts In Srinagar Jammu Kashmir ❤Personal Whatsapp Number Jammu Kashmir Call Girls 8617697112 💦✅. There are a number of Srinagar Jammu Kashmir Escorts willing to meet you at an affordable rate, which also possesses high moral standards and humanitarian tendencies. These girls can help satisfy the sexual desires of clients without fail; it is therefore essential that clients select an established service. Our services feature various packages at competitive rates: One shot: ₹2000/in-call, ₹5000/out-call Two shots with one girl: ₹3500/in-call, ₹6000/out-call Body to body massage with sex: ₹3000/in-call Full night for one person: ₹7000/in-call, ₹10000/out-call

❤Jammu Kashmir Call Girls 8617697112 Personal Whatsapp Number 💦✅.

Nitya salvi

Bollworms are among the most damaging pests in cotton cultivation, affecting the bolls where the cotton fibers are formed. There are several species of bollworms, each capable of causing significant yield loss and quality degradation if not effectively managed. Here’s a detailed look at the primary bollworm species affecting cotton: Cotton Bollworm (Helicoverpa armigera): Also known as the corn earworm or the Old World bollworm, this pest is found in many regions around the world. It is highly polyphagous (feeds on many different plants) and poses a threat not only to cotton but also to maize, tomatoes, and legumes. The larvae bore into the cotton bolls, feeding on the developing seeds and fibers, which can lead to boll rot. Pink Bollworm (Pectinophora gossypiella): A significant pest of cotton, the pink bollworm larvae infest the cotton bolls, feeding on the seeds and lint. This can severely damage or destroy the bolls. In regions where pink bollworms are prevalent, they have been a major driver for the adoption of genetically engineered Bt cotton, which expresses a bacterium gene toxic to certain insects. Tobacco Budworm (Heliothis virescens): Closely related to the cotton bollworm, the tobacco budworm primarily attacks tobacco but is also a common pest in cotton. It primarily damages the flowers and bolls of the cotton plant. Differentiating between the tobacco budworm and the cotton bollworm based on appearance can be challenging, but it is crucial for effective management. American Bollworm (Helicoverpa zea): Known in some regions as the corn earworm, it is similar in behavior to Helicoverpa armigera and poses a threat to a variety of crops, including cotton. The larvae attack the cotton bolls, leading to direct damage to the cotton lint and seeds. Management Strategies: Cultural Controls: Crop rotation, destruction of crop residues, and deep plowing can help break the pest’s life cycle. Timing of planting can also be adjusted to avoid peak pest infestation. Biological Controls: Natural enemies like Trichogramma wasps, which parasitize bollworm eggs, and predators such as lacewings and ladybugs can be encouraged. Bacillus thuringiensis (Bt) products can also be sprayed, which are particularly effective against young larvae. Chemical Controls: Insecticides may be required when infestation levels exceed economic thresholds. However, resistance management must be considered, alternating modes of action to avoid developing resistance. Genetic Approaches: Bt cotton, genetically modified to express Bacillus thuringiensis toxin, has been highly effective in controlling bollworms and has dramatically reduced the reliance on chemical insecticides. Monitoring and Scouting: Regular field scouting and using pheromone traps to monitor adult populations can help in timely and targeted application of control measures. The effective management of bollworms often requires an integrated approach

Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf

PirithiRaju

Recently uploaded (20)

The Mariana Trench remarkable geological features on Earth.pptx

Site Acceptance Test .

Justdial Call Girls In Indirapuram, Ghaziabad, 8800357707 Escorts Service

Forensic Biology & Its biological significance.pdf

High Class Escorts in Hyderabad ₹7.5k Pick Up & Drop With Cash Payment 969456...

Digital Dentistry.Digital Dentistryvv.pptx

Bacterial Identification and Classifications

FAIRSpectra - Enabling the FAIRification of Spectroscopy and Spectrometry

Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds

Pests of mustard_Identification_Management_Dr.UPR.pdf

300003-World Science Day For Peace And Development.pptx

Connaught Place, Delhi Call girls :8448380779 Model Escorts | 100% verified

Dubai Call Girls Beauty Face Teen O525547819 Call Girls Dubai Young

Pulmonary drug delivery system M.pharm -2nd sem P'ceutics

pumpkin fruit fly, water melon fruit fly, cucumber fruit fly

Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...

Module for Grade 9 for Asynchronous/Distance learning

SAMASTIPUR CALL GIRL 7857803690 LOW PRICE ESCORT SERVICE

❤Jammu Kashmir Call Girls 8617697112 Personal Whatsapp Number 💦✅.

Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf

Understanding the "Intelligence" in AI

1. Understanding the "Intelligence" in AI RAFFAEL MARTY VP Research and Intelligence Head of X-Labs, Forcepoint AI 4 Cyber | April 2019 | New York City

2. A BRIEF SUMMARY We don’t have artificial intelligence (yet) Algorithms can be dangerous - Understand your data and your algorithms Build systems that capture “expert knowledge” and augment human capabilities Escape the cat and mouse game between attackers and security Copyright © 2019 Raffael Marty. | 2

4. BEAT WORLD CHAMPION AT GO DESIGN MORE EFFECTIVE DRUGS MAKE SIRI SMARTER ARTIFICIAL INTELLIGENCE Deep Learning Statistics Unsupervised Machine Learning Natural Language Processing

5. THE DANGERS OF AI SECURITY EXAMPLES Fooling Facial Recognition Hack Crash Tweet Blacklisting of Windows Executable Pentagon AI Fail Algorithm Bias NOTIFY_SOCKET=/run/syst emd/notify systemd-notify "" Data Biases

6. WHAT MAKES ALGORITHMS DANGEROUS? Algorithms make assumptions about the data. Algorithms are too easy to use. Algorithms do not take domain knowledge into account. History is not a predictor of the future. Copyright © 2019 Raffael Marty. | 6

7. UNDERSTAND YOUR DATA dest port! Port 70000? src ports! http://vis.pku.edu.cn/people/simingchen/docs/vastchallenge13-mc3.pdf

8. CHOOSING THE CORRECT ALGORITHM PARAMETERS The dangers of not understanding algorithmic parameters t-SNE clustering of network traffic from two types of machines perplexity = 3 epsilon = 3 No clear separation perplexity = 3 epsilon = 19 3 clusters instead of 2 perplexity = 93 epsilon = 19 What a mess Copyright © 2019 Raffael Marty. | 8

9. INTELLIGENCE Expert KnowledgeSecurity Graph DETECTION COMPONENTS RISK-ADAPTIVE PROTECTION ADDING THE INTELLIGENCE INTO AI CYBER BEHAVIOR CATALOG

10. IOCs to Behaviors IOCs / Traditional Threat Intel Behavior ESCAPING THE SECURITY CAT AND MOUSE GAME CnC Bot Bot IOC: Compromised IP addresses • Characterizing machine and human behavior • Leverage risk-based approaches • From reactive to proactive • From detection to protection / automation Behavior: Botnet characteristics Traffic size: 200-350bytes Periodicity: 2 minutes Jitter: 12 seconds IPv4 proto: 6 App protocol: HTTPS

11. TAKEAWAYS “Algorithms are getting ‘smarter’, but experts are more important” “Understand your data, your algorithms, and your data science process” “History is not a predictor – but knowledge can be”

Understanding the "Intelligence" in AI

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Understanding the "Intelligence" in AI

Similar to Understanding the "Intelligence" in AI (20)

More from Raffael Marty

More from Raffael Marty (20)

Recently uploaded

Recently uploaded (20)

Understanding the "Intelligence" in AI