Here’s the schedule for this year. Registering here does not count. You MUST register to attend any of these. You may register here: https://www.bsidesslc.org/registration.html

You cannot manually add workshops to your schedule. You need to register for them at https://www.bsidesslc.org/signup.html, and then the workshop will be added to your schedule.
Friday, March 10 • 1:00pm - 1:30pm
On-Demand Outlier Detection [OD^2] to Optimize Threat Analytics
Detecting outliers/anomalies is essential for querying and pivoting for malicious/unauthorized activity in the network. More often than not, organizations incorporate multiple levels of security using various products available to them to protect and defend their endpoints and network against cyber threats. Signals about potential threats are therefore derived from different sources.
The primary challenge to detecting outliers in a highly multidimensional space is the "curse of dimensionality". We collect over 4000 network attributes, and this results in the data points looking very similar to each other in the original embedded vector space, rendering outlier algorithms ineffective. Attackers often masquerade their attack vectors to look like benign traffic, and often the "tell" is in one or a few of the network attributes. The significance of this smaller set of features is often lost when looking for outliers in the high-dimensional space.
In this talk, we will discuss a first-of-its-kind approach in the security industry that uses minimal signals about malicious activity from different sources to learn new anomalous activity on demand. We will discuss various subspace clustering methods to determine appropriate subspaces where the outliers become "pronounced". We will also discuss ways to generate explanations for the outliers in this space, without which it is hard to validate and interpret outlier predictions.
User feedback is highly critical in on-demand learning systems, both to course-correct the learning algorithm and to validate the predictions. In the last part of the talk, we will focus on effective user-feedback mechanisms to strengthen on-demand learning by building dashboards for efficient data projection and visualization of the outliers.

Parasaran Raman

Sr. Data Scientist, Eastwind Networks
Applied Machine Learning Researcher. | University of Utah CS PhD.

Friday March 10, 2017 1:00pm - 1:30pm
Track 2 Salt Palace Convention Center