Use Model to Deconstruct Threats: Detect Intrusion by Statistical Learning

Closed captioning will be available in English and Japanese for all keynotes and RSAC track sessions.
Please note: All times are in SGT.
REGISTER NOW
  1. Moscone West

Machine learning has been widely discussed in various areas. However, there is not much discussion about intrusion detection in large scale enterprise networks. This talk will propose a method based on statistical learning. The main idea is to identify unknown threats by modeling behaviors at different attack stages, and some tricks in performing pre-filter data and conducting post-correlate alarms.

Learning Objectives:
1: Understand the basic information of the security operations in a large Internet company.
2: Learn how to use statistical models to identify the unique patterns of post-exploitation attacks.
3: Master the necessary skills in performing pre-filter data and conducting post-correlate alarms.

Pre-Requisites:
Have basic statistical knowledge, familiar with the popular attack techniques.

Download pdf
Participants: