Threat Intelligence

1/11/2018
10:30 AM
Raffael Marty
Raffael Marty
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv

AI in Cybersecurity: Where We Stand & Where We Need to Go

How security practitioners can incorporate expert knowledge into machine learning algorithms that reveal security insights, safeguard data, and keep attackers out.

This visualization of 100GB of network traffic over a period of one week is used to determine 'normal' behavior and identify potential  anomalies by experts.
This visualization of 100GB of network traffic over a period of one week is used to determine 'normal' behavior and identify potential anomalies by experts.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
cknisley44
100%
0%
cknisley44,
User Rank: Apprentice
1/12/2018 | 4:37:14 PM
Bayesian Belief Networks for Cybersecurity
Really nice article highlighting the exact things we at Haystax Technology talk about with the use of AI in cybersecurity. It seems every vendor has launched a new version of their product in the past year with the tagline of "New and improved with AI". 

There are great places where ML is perfect for cybersecurity, but only as a part of the solution. The heart of our Constellation Analytics Platform is a Bayesian Inference Network built over years of research to reason like a team of cyber experts across weak inputs from disparate sensor systems. Some of those sensors need ML techniques to find the real signal, some don't - but they all come together in a BayesNet that prioritizes the threat and ultimately the risk. 

We believe this is the only viable approach today given what you highlighted of lack of training data, and even if you had some training data, sensor outputs change frequently as the environment changes. Only with additional context can you uncover those malicious events that represent the highest risks. 
cchio
100%
0%
cchio,
User Rank: Apprentice
1/11/2018 | 11:38:23 PM
Great post!
Enjoyed your post. Agree with many of the points you made. Think you will resonate with a lot we have to say in the book we are publishing next month - https://www.amazon.com/Machine-Learning-Security-Protecting-Algorithms/dp/1491979909 Happy to chat more!
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11471
PUBLISHED: 2018-05-25
Cockpit 0.5.5 has XSS via a collection, form, or region.
CVE-2018-11472
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).
CVE-2018-11473
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
CVE-2018-11474
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.
CVE-2018-11475
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser.