Can behavioral analytics for enterprise security benefit from approaches in NLP?
Who is this presentation for?
- Data scientists, ML engineers, IT and enterprise security engineers, and anyone interested in the application of natural language processing (NLP) to other domains
Advances in NLP in semantic encoding techniques, specifically to tame polysemous words, have made a great impact in text and sequence analysis. The first step in the successful cross-domain application of NLP to enterprise security may just boil down to building a semantic representation of the network entities and their interactions.
Ram Janakiraman examines how enterprise networks are like theme parks. Use of a device by a user maps to the use of tickets or a mobile application to access the amusements. Network protocols are now the language of the devices to exchange data. Every user behind a device in the network finds their target through gatekeepers conversing using these protocols. Such interactions provide insight into personal interests and popularity of the kind of the rides and the shows they visit. The presentation will focus on the application of this concept to building behavioral representations of the users based on how they go about their daily professional lives.
Behavioral analysis in enterprise security comes with a few challenges. Higher data volume and higher demand for security admin’s time leave us with hardly any labeled data and, hence, any viable supervised approach. Furthermore, privacy concerns, unique network layouts, and global business presence do not lend themselves to much transfer learning across enterprises. For example, it’s common to find behaviors deemed normal for an enterprise but considered outliers in general.
Ram offers insights into building a semantic representation of the entities from unlabeled data sources. The way users traverse a network carrying out their everyday workflow can be used to model behavior baselines over time and across devices. Various techniques to build representations can be applied to network data sources, much like building embeddings for a new language as a first step at every enterprise. With embeddings as a good foundation, more advanced models can be leveraged for various use cases in behavioral analytics. Ram also shows how the approach can change the engagement model of the product toward improving end-user experience and highlights the protection of privacy and identity of the network entities with his approach. You’ll leave with ideas to formulate approaches for the application of NLP to use cases in your domains.
- A basic understanding of machine learning and networking terminologies
What you'll learn
- Learn the cross-domain application of semantic encoding in NLP to enterprise security
- Examine how various embedding techniques capture the network behavior semantics and assist the application of NLP models to other use cases
- Understand how the techniques used, while capturing semantics, can also preserve the identity and privacy of the network entities
Ram Janakiraman is a distinguished engineer at the Aruba CTO Office working on machine intelligence for enterprise security. His recent focus has been on simplifying the building of behavior models by leveraging approaches in NLP and representation learning. He hopes to improve end user product engagement through a visual representation of entity interactions without compromising the privacy of the network entities. Ram has numerous patents from a variety of areas during the course of his career. Previously, he’s been in various startups and was a cofounding member of Niara, Inc., working on security analytics with a focus on threat detection and investigation before it was acquired by Aruba, a HPE Company. He’s also an avid scuba diver, always eager to explore the next reef or kelp. He’s an FAA Certified Drone Pilot, capturing the beauty of dive destinations on his trips.
Diversity and Inclusion Sponsor
Premier Exhibitor Plus
R & D and Innovation Track Sponsor
For conference registration information and customer service
For more information on community discounts and trade opportunities with O’Reilly conferences
For information on exhibiting or sponsoring a conference
For media/analyst press inquires