Sep 9–12, 2019

Can behavioral analytics for enterprise security benefit from approaches in NLP?

Ramsundar Janakiraman (Aruba Networks, A HPE Company)
4:50pm5:30pm Thursday, September 12, 2019
Location: 230 C

Who is this presentation for?

  • Data scientists, ML engineers, IT and enterprise security engineers, and anyone interested in the application of natural language processing (NLP) to other domains

Level

Intermediate

Description

Advances in NLP in semantic encoding techniques, specifically to tame polysemous words, have made a great impact in text and sequence analysis. The first step in the successful cross-domain application of NLP to enterprise security may just boil down to building a semantic representation of the network entities and their interactions.

Ram Janakiraman examines how enterprise networks are like theme parks. Use of a device by a user maps to the use of tickets or a mobile application to access the amusements. Network protocols are now the language of the devices to exchange data. Every user behind a device in the network finds their target through gatekeepers conversing using these protocols. Such interactions provide insight into personal interests and popularity of the kind of the rides and the shows they visit. The presentation will focus on the application of this concept to building behavioral representations of the users based on how they go about their daily professional lives.

Behavioral analysis in enterprise security comes with a few challenges. Higher data volume and higher demand for security admin’s time leave us with hardly any labeled data and, hence, any viable supervised approach. Furthermore, privacy concerns, unique network layouts, and global business presence do not lend themselves to much transfer learning across enterprises. For example, it’s common to find behaviors deemed normal for an enterprise but considered outliers in general.

Ram offers insights into building a semantic representation of the entities from unlabeled data sources. The way users traverse a network carrying out their everyday workflow can be used to model behavior baselines over time and across devices. Various techniques to build representations can be applied to network data sources, much like building embeddings for a new language as a first step at every enterprise. With embeddings as a good foundation, more advanced models can be leveraged for various use cases in behavioral analytics. Ram also shows how the approach can change the engagement model of the product toward improving end-user experience and highlights the protection of privacy and identity of the network entities with his approach. You’ll leave with ideas to formulate approaches for the application of NLP to use cases in your domains.

Prerequisite knowledge

  • A basic understanding of machine learning and networking terminologies

What you'll learn

  • Learn the cross-domain application of semantic encoding in NLP to enterprise security
  • Examine how various embedding techniques capture the network behavior semantics and assist the application of NLP models to other use cases
  • Understand how the techniques used, while capturing semantics, can also preserve the identity and privacy of the network entities
Photo of Ramsundar Janakiraman

Ramsundar Janakiraman

Aruba Networks, A HPE Company

Ram Janakiraman is a senior distinguished engineer at the Aruba CTO Office working on machine intelligence for enterprise security. Ram’s recent focus has been on simplifying building behavior models by leveraging approaches in NLP and representation learning. He hopes to improve end user product engagement through a visual representation of entity interactions. Ram has numerous patents in a variety of areas during the course of his career. Previously, he’s been in various startups and was a cofounding member of Niara, Inc., working on security analytics with a focus on threat detection and investigation before it was acquired by Aruba, a HPE Company. Ram is an avid scuba diver and always eager to explore the next reef or kelp. He’s also an FAA certified drone pilot capturing the beauty of dive destinations on his trips.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)

Contact us

confreg@oreilly.com

For conference registration information and customer service

partners@oreilly.com

For more information on community discounts and trade opportunities with O’Reilly conferences

Become a sponsor

For information on exhibiting or sponsoring a conference

pr@oreilly.com

For media/analyst press inquires