One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1152635 |
| Date de publication | 2019-06-13 13:00:00 (vue: 2019-06-13 16:00:38) |
| Titre | Using data science to improve threat analysis | AT&T ThreatTraq |
| Texte |
Every week, the AT&T Chief Security Office produces a set of videos with helpful information and news commentary for InfoSec practitioners and researchers. I really enjoy them, and you can subscribe to the Youtube channel to stay updated. This is a transcript of a recent feature on ThreatTraq. Watch the video here. The video features Jaime Blasco, VP and Chief Scientist, AT&T Cybersecurity, Alien Labs, Brian Rexroad, VP, Security Platforms, AT&T, and Matt Keyser, Principal Technology Security, AT&T.
Jaime: Today we are going to talk about how machine learning is being applied in cybersecurity. We will also be discussing how data science can be used to improve threat analysis and threat detection.
Brian: All right, Jaime. Based on this discussion that we already had, maybe you can take us into a little deeper on how you are working with, you know, data science and machine learning in the area of threat detection and threat analysis.
Jaime: Absolutely. So one of the things that I want to start with is clarifying some misconceptions. In the cybersecurity industry, you're seeing many players talking about using AI and machine learning. Those two words you're going to see people using them in the same context but I wanted to clarify a little bit about what that means. For me, artificial intelligence is more the broad field and within artificial intelligence, we can talk about general artificial intelligence and narrow artificial intelligence. General artificial intelligence is something that doesn't exist yet. Right. We haven't been able to create an artificial intelligence that is able to generalize and reason as well as or better than humans. So, when we talk about narrow AI,..that's what machine learning is. It uses model that are able to solve a particular, really well defined problem.
Matt: Right now, we have a very narrow definition of functional artificial intelligence. And machine learning is one version of that, one technique that might be used to teach a machine how to solve a problem.
Brian: You know what, I think what the next stage that we need to get to is using artificial intelligence to figure out how to apply artificial intelligence. I mean, quite frankly...that's where it has to be and it's going to continue to be iterative to get deeper and deeper,.
Jaime: I totally agree. If you see some of the latest research from Google and others, the field of AutoML, is really popular with a lot of investments happening. For those of you that don't know what AutoML is, as Brian said, it's basically training a neural network to come up with new neural networks or novel architectures.
Brian: That will be the path to singularity in my opinion.
Jaime: So we can divide machine-learning techniques mainly in two categories: supervised machine learning and unsupervised machine learning. There’s a third one, reinforcement learning that we are not going to talk about today because I still haven't seen many use cases within cybersecurity. We talk about unsupervised machine learning in the area of anomaly detection or data exploration. And a point that I want to make there is we have many cyber security products out there that are applying unsupervised learning, including clustering, anomaly detection, etc. I'm not a huge fan of those algorithms in the cybersecurity context because they are prone to many false positives.
Matt: Things that are just clustering and finding things that are similar won't necessarily find you something malicious. That's when you need to apply a |
| Envoyé | Oui |
| Condensat | accuracy actually also amplification analyses analysis applications applying are at&t avoid based because behavior behaviors brian: but can case comforting consistency cool data demonstrate discussed driving earlier endpoint exploiting features feel future going good hand have hopefully improve interesting it's jaime: learning letting like limitations looking lot machine malicious many matt: not nternet off particular pay predict predicting probability really resources right sample scalability science smarter solved some something static talent technology terms that's those thought threat threattraq topics track trying understand unique use using very vulnerability way ways we're what will you're |
| Tags | Vulnerability Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.