Here’s the schedule for this year. Registering here does not count. You MUST register to attend any of these. You may register here: https://www.bsidesslc.org/registration.html
You cannot manually add workshops to your schedule. You need to go register for them at https://www.bsidesslc.org/signup.html, and then the workshop will be added to your schedule.
Detecting outliers/anomalies is essential for querying and pivoting for malicious/unauthorized activity in the network. More often than not, organizations incorporate multiple levels of security using various products available to them to protect and defend their endpoints and network against cyber threats. Signals about potential threats are therefore derived from different sources.
The primary challenge in detecting outliers in a highly multidimensional space is the "curse of dimensionality". We collect over 4000 network attributes, and as a result data points look very similar to one another in the original embedded vector space, rendering outlier algorithms ineffective. Attackers often masquerade their attack vectors to look like benign traffic, and often the "tell" is in one or a few of the network attributes. The significance of this smaller set of features is often lost when looking for outliers in the high-dimensional space.
In this talk, we will discuss a first-of-its-kind approach in the security industry to use minimal signals about malicious activity from different sources to learn new anomalous activity on demand. We will discuss various subspace clustering methods to determine appropriate subspaces where the outliers become "pronounced". We will also discuss ways to generate explanations for the outliers in this space, without which it is hard to validate and interpret outlier predictions.
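The effect described in the two paragraphs above can be reproduced on constructed data. The following is an added illustration, not code from the talk: a flow that copies a typical benign flow except for one attribute is buried in the full-space distance ranking, but ranks first once each attribute is scored on its own, and the scoring attribute serves as the explanation. The Gaussian data, the sizes, the attribute index 7 and the per-attribute z-score scan (a simple stand-in for the subspace methods the talk covers) are all assumptions.

```python
import random

def make_flows(n=200, d=4000, tell_attr=7, tell_value=10.0, seed=1):
    """Constructed data: n benign flows with d unit-Gaussian attributes, plus one
    masquerading flow that copies the most typical benign flow except for one attribute."""
    rng = random.Random(seed)
    flows = [[rng.gauss(0, 1) for _ in range(d)] for _ in range(n)]
    typical = sorted(flows, key=lambda f: sum(x * x for x in f))[n // 2]
    attacker = list(typical)
    attacker[tell_attr] = tell_value          # the single "tell"
    return flows + [attacker]                 # attacker is the last row

def column_stats(flows):
    """Per-attribute mean and standard deviation."""
    n, means, stds = len(flows), [], []
    for col in zip(*flows):
        m = sum(col) / n
        means.append(m)
        stds.append((sum((x - m) ** 2 for x in col) / n) ** 0.5)
    return means, stds

def full_space_score(flow, means):
    """Euclidean distance to the centroid over all attributes."""
    return sum((x - m) ** 2 for x, m in zip(flow, means)) ** 0.5

def subspace_score(flow, means, stds):
    """Largest |z-score| over the 1-D subspaces, with the attribute that produced it."""
    return max((abs(x - m) / s, j) for j, (x, m, s) in enumerate(zip(flow, means, stds)))

def rank_of(scores, idx):
    """1 = most anomalous."""
    return 1 + sum(s > scores[idx] for s in scores)

def demo():
    flows = make_flows()
    means, stds = column_stats(flows)
    attacker = len(flows) - 1
    full = [full_space_score(f, means) for f in flows]
    sub = [subspace_score(f, means, stds) for f in flows]
    return {"full_rank": rank_of(full, attacker),
            "sub_rank": rank_of([z for z, _ in sub], attacker),
            "explained_by": sub[attacker][1]}

if __name__ == "__main__":
    print(demo())
```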
User feedback is highly critical in on-demand learning systems both to course-correct the learning algorithm and to validate the predictions. In the last part of the talk, we will focus on effective user-feedback mechanisms to strengthen on-demand learning, by building dashboards for efficient data projection and visualization of the outliers.