FloCon 2018
Tucson, AZ – January 8-11, 2018


Tuesday, January 9 • 9:30am - 10:00am
Optimal Machine Learning Algorithms for Cyber Threat Detection

Given the exponential growth of the global cyber threat spectrum, organisations are increasingly turning to new data mining techniques to analyse the security logs received from their IT infrastructures, in order to ensure effective cyber threat detection and subsequent incident response. Machine learning based analysis of security machine data is the next emerging trend in cyber security, aimed at minimising the operational overhead of maintaining conventional static correlation rules in security-monitoring devices. However, selecting the optimal algorithm with the fewest false positives remains the impeding factor against the success of data science, especially in any large-scale, global-level Security Operations Centre (SOC) environment. This creates a dire need for an effective and efficient machine learning based cyber threat detection model. In this research, we propose optimal machine learning algorithms for detecting multiple types of cyber threat actors, by analytically and empirically comparing the results gathered from various anomaly detection, classification and forecasting algorithms. We will also recommend a few advanced statistical visualisations for security big data that will greatly augment the prevailing threat hunting tools and techniques.

Attendees will learn:
Machine learning is the latest trend in cyber security detection methodologies. The rapidly growing variety of threat actors and attack campaigns is making it extremely difficult for SIEM administrators to create and maintain effective static threat correlation rules. Machine learning and threat hunting through advanced statistical analytics should now be used by enterprise SOC analysts to perform their routine operational intelligence. This research paper allows SOC individuals to understand how to use machine learning algorithms optimally in order to complement existing conventional threat hunting capabilities.

Hafiz Farooq

Chief Cyber Security Architect, Saudi Aramco
Hafiz Muhammad Farooq is a Senior Cyber Security Architect for Saudi Aramco's Global Security Operations Centre (SOC). With 16 years of research and professional experience in the cyber and network security domain, he is harnessing the first line of defense against a huge spectrum of...

Tuesday January 9, 2018 9:30am - 10:00am MST
Presidio III, IV, V