Can behavioral analytics for Enterprise security benefit from approaches in NLP?
Who is this presentation for?Data scientists, ML Engineers, IT and Enterprise security engineers, anyone interested in the application of NLP to other domains
Advances in Natural Language Processing (NLP) in semantic encoding techniques, specifically to tame the eluding polysemous words, have made a great impact in text and sequence analysis. The first step in the successful cross-domain application of NLP to Enterprise Security may just boil down to building a semantic representation of the network entities and their interactions. Enterprise networks are like theme parks. Use of a device by a user maps to the use of tickets or a mobile application to access the amusements. Network protocols are now the language of the devices to exchange data. Every user behind a device in the network finds their target through gate-keepers conversing using these protocols. Such interactions provide insight into personal interests and popularity of the kind of the rides and the shows they visit. The presentation will focus on the application of this concept to building behavioral representations of the users based on how they go about their daily professional lives.
Behavioral analysis in Enterprise security comes with a few challenges. Higher data volume and higher demand for security admin’s time leave us with hardly any labeled data and hence any viable supervised approach. Furthermore, privacy concerns, unique network layouts, and global business presence do not lend themselves to much transfer learning across enterprises. For example, it is common to find behaviors deemed normal for an enterprise but considered outlier in general.
In this talk, Ram offers insights into building a semantic representation of the entities from unlabeled data sources. The way users traverse a network carrying out their everyday workflow can be used to model behavior baselines over time and across devices. Various techniques to build representations can be applied to network data sources, much like building embeddings for a new language as a first step at every enterprise. With embeddings as a good foundation more advanced models can be leveraged for various use-cases in behavioral analytics. Ram finishes the talk by showing the benefits in how the approach can change the engagement model of the product towards improving end-user experience and highlights the protection of privacy and identity of the network entities with his approach. The presentation should leave the audience with ideas to formulate approaches for the application of NLP to use-cases in their domains.
Prerequisite knowledgeBasic understanding of machine learning and networking terminologies.
What you'll learn* Learn the cross-domain application of Semantic encoding in NLP to Enterprise Security through a simple analogy * Explore how various embedding techniques capture the network behavior semantics and assist application of NLP models to other use-cases * Understand how the techniques used, while capturing semantics, can also preserve the identity and privacy of the network entities
Aruba Networks, A HPE Company
Ram Janakiraman is a Distinguished Engineer at the Aruba CTO Office working on Machine Intelligence for Enterprise Security. Ram’s recent focus has been on simplifying building of behavior models by leveraging approaches in NLP and Representation learning. He hopes to improve end-user product engagement through a visual representation of entity interactions. Ram has numerous patents in a variety of areas during the course of his career.
Ram has been in various startups and was a co-founding member of Niara Inc working on security analytics with a focus on threat detection and investigation before it was acquired by Aruba, an HPE Company. Ram is an avid Scuba Diver always eager to explore the next reef or kelp. He is also an FAA Certified Drone Pilot capturing the beauty of dive destinations on his trips.
Leave a Comment or Question
Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?
Join the conversation here (requires login)
Diversity and Inclusion Sponsor
R & D and Innovation Track Sponsor
For conference registration information and customer service
For more information on community discounts and trade opportunities with O’Reilly conferences
For information on exhibiting or sponsoring a conference
View a complete list of O'Reilly AI contacts