Summary of Threat Hunting with Data Science, Machine Learning, and Artificial Intelligence

This is an AI-generated summary. There may be inaccuracies.

00:00:00 - 01:00:00

This video discusses how data science, machine learning, and artificial intelligence can be used to identify threats in networks. It demonstrates how these technologies can be used to decode protocols and find malware.

  • 00:00:00 Dave is a data science instructor and author, and he presents on Threat Hunting. He explains that threat hunting has been taught at SANS for over a decade, and that it includes three parts: defense, depth, and context. He also discusses how machine learning and AI are being used in threat hunting, and how these technologies are changing the field.
  • 00:05:00 In the video, a security expert discusses how the approach to anomaly detection has not changed much over the past two decades, with the exception of the shift from skinny logs to SIEMs.
  • 00:10:00 The video discusses how data science can be used to identify known attacks, and how this can help to improve overall security. It also discusses how the use of artificial intelligence can help to identify anomalies in data, and how this can be helpful in improving security.
  • 00:15:00 This video discusses Threat Hunting, which is the process of locating and analyzing malicious activity in a network. The presenter gives examples of how to use machine learning and artificial intelligence to monitor and identify threats.
  • 00:20:00 This video explains how data science can be used to discover threats on a network, and how it can be used to assess the impact of threats. It also explains how data science can be used to visualize the data.
  • 00:25:00 This video demonstrates how data science can be used to detect threats, including malware that is beaconing out to be detected. The data science used to detect this malware is based on real valued data, and there is drift around the time of the malware's peak activity due to the fact that the data is sampled frequency-wise rather than phase-wise.
  • 00:30:00 This video explains how data science can be used to find threats in an organization's network, and how clustering can be used to find correlations between data.
  • 00:35:00 The video discusses Threat Hunting, which is the process of identifying potential threats to systems by analyzing data. It then shows how data science and machine learning can be used to identify specific threats.
  • 00:40:00 The speaker discusses how machine learning and data science can be helpful in information security, but warns about the potential for scams in the field. He points to a well-known example of a machine that could play chess but was actually controlled by a human. He says that today, machine learning and AI are nowhere near as advanced as they are portrayed in Hollywood movies or in articles written by experts.
  • 00:45:00 This video discusses the hype cycle for artificial intelligence and machine learning, and how vendors are trying to capitalize on the trend by selling products that are not actually AI or machine learning.
  • 00:50:00 In this video, data scientists demonstrate how machine learning and artificial intelligence can be used to identify threats in networks. In the graph shown in the video, the blue line represents the reconstruction loss for a boot discovery protocol, and the orange line represents anything else. The blue line is low, meaning that the data scientists were able to decode the boot discovery protocol without much difficulty. However, the orange line is high, meaning that the data scientists encountered problems when decoding other protocols.
  • 00:55:00 The presenter introduces a method of threat hunting called "data science, machine learning, and artificial intelligence." This method is used to identify unknown malware on captured assets. The method is 80% accurate in finding malware, even on assets with 5000 binaries.

01:00:00 - 01:30:00

The video provides an overview of threat hunting with data science, machine learning, and artificial intelligence. The speaker explains that because most malware code is not visually identifiable, a machine learning algorithm is needed to identify malware. The speaker demonstrates how an algorithm trained on training data can achieve an accuracy of 88 percent.

  • 01:00:00 The video discusses how data science can be used to identify patterns in handwritten digits and classify movie reviews. It then transitions to discussing machine learning and how university-level courses in data science and machine learning can help those without prior experience apply what they've learned to information security problems. The instructor warns students that if they are not familiar with these topics, they should not enroll in the class.
  • 01:05:00 In this video, data scientist and machine learning expert John Metz explains how linear algebra is a key part of threat hunting and machine learning, and how one can use a convolutional neural network (CNN) to improve accuracy and reduce errors.
  • 01:10:00 The video discusses how data science can be used to identify unknown malware in a set of files. The author demonstrates how eight filters can be used to identify digits, and explains that currently, there is no known way to know deterministically how many filters are needed. He tries eight filters with success, and if he gets an accuracy of 97%, he is happy with that. If he were to get an accuracy of 98%, he would try three more filters.
  • 01:15:00 The author discusses how data science is used to find malware. He introduces the concept of treating binaries as images and demonstrates how this works. He then goes on to say that some of the experiments done in the class didn't work, but that the final result was useful.
  • 01:20:00 In this video, the presenter shows how data science can be used to identify malware. He takes 16,000 bytes of data from known good binaries and plots it as images. He then loads the malware and trains a neural network to recognize it. He predicts that the neural network will be able to detect 95% of the samples.
  • 01:25:00 This video provides an overview of threat hunting with data science, machine learning, and artificial intelligence. The speaker explains that because most malware code is not visually identifiable, a machine learning algorithm is needed to identify malware. The speaker demonstrates how an algorithm trained on training data can achieve an accuracy of 88 percent.
  • 01:30:00 The author of the video discusses how Threat Hunting works and why it is important. He goes on to say that Threat Hunting requires a basic understanding of data science, machine learning, and artificial intelligence. He also recommends that people learn these concepts on their own rather than rely on vendors.
