Hello everyone and (belated) happy new year!
These have been months of very hard work for the MLSec Project team, which may help you understand (but maybe not quite forgive) the absence of blog posts.
Also, our project lead Alex Pinto had the privilege of presenting at BayThreat in December, where he announced some of the new directions the project is taking and the new algorithms we are working on. You can find the slide deck and the video for the presentation here:
Our main research focus right now is on using Machine Learning to detect malware and Command & Control activity using only information from the outbound firewall logs, recursive DNS queries and web proxy logs that a company may have lying around. Adding information about internal antivirus detections (either host-based or on the perimeter web proxy/security filter) helps establish ground truth for the participant and counter a bit of the bias that could come from the training sources we use. It is not required, though.
If you have one (or preferably all) of these log sources and would like to participate in this research, please send us a note and we will reach out to you to set up our data collection processes! We are very excited about the results we have been getting so far, and every participant who joins will help the overall results.