Fighting cybercrime with AI





Who is this presentation for?
- Data scientists, security professionals, and any enthusiast with midlevel knowledge of applied machine learning
Level
IntermediateDescription
In 2017, an average of 200,000 new malware samples were captured each day. This value increased by 328%. Cybercriminals have stepped up their game, and they already use advanced techniques to penetrate organization defenses and steal critical data, causing millions in losses. The average total cost of a data breach is $3.62 million. Organizations’ cyberdefense departments have to reinvent their defense mechanisms to keep up with the new threats, and regular detection systems are not enough. Adding more bodies to defensive efforts no longer improves defense due to diminished returns from increased human labor and manual defensive tactics. These limitations converge into a significant problem for organizations’ last line of defense, the security analysts team. Therefore, this evolving landscape of threats demands innovation. A plethora of new defensive tactics is mandatory to advance a defensive posture in a challenging and impactful cyber war zone. It is time to bring AI to the fight.
Carlos Rodrigues outlines the impact of using bleeding-edge technology such as deep learning in production to improve threat detection in a worldwide company, namely, Siemens, with a corporate network that has more than 500,000 hosts. It inherently imposes a highly atypical set of challenges with regard to malware detection.
Carlos walks you through the status quo of cybercrime, its motivations, and a very concrete use case of malware, domain generation algorithms. Once you understand how it works in practice, you’ll see some real examples of domains and have to determine which were legitimate domain names and malicious ones that were generated by malware. Most people, including security professionals, are only able to make random guesses.
You’ll be introduced to the sequence of approaches taken to tackle the problem using traditional machine learning, and Carlos outlines the ones that have not worked and why. You’ll enter the realm of deep learning, where the building blocks to assemble a network capable of producing outstanding results are illustrated with diagrams and code. The training process of these neural networks requires attention, and many times it does not converge. But, when it does, a threat detection solution emerges that even the most convoluted malware will have a hard time trying to bypass.
Prerequisite knowledge
- An intermediate understanding of machine learning (useful but not required)
What you'll learn
- Learn about cybersecurity and why it matters
- Discover how to apply bleeding-edge AI in your daily work and that you shouldn't be discouraged if machine learning takes multiple trials
- See complete examples of code that compose a neural network with TensorFlow and Keras capable of using text as input (domain names) to produce a suspiciousness score (malware or not)

Carlos Rodrigues
Siemens
Carlos Rodrigues is a lead cloud engineer and data scientist at Siemens Cyber Defense Department. Previously, Carlos worked at a financial institution that manages more than £20 billion of assets, helping them to design a data-driven strategy, among other things. During his spare time, Carlos teaches postgraduates in data science at Rumos.
Presented by
Elite Sponsors
Strategic Sponsor
Exabyte Sponsor
Impact Sponsor
Contact us
confreg@oreilly.com
For conference registration information and customer service
partners@oreilly.com
For more information on community discounts and trade opportunities with O’Reilly conferences
aisponsorships@oreilly.com
For information on exhibiting or sponsoring a conference
pr@oreilly.com
For media/analyst press inquires