I'm Sorry Dave, I Can't Do That: Practical Machine Learning for Information Security | SANS@MIC Talk

Every security vendor under the sun is telling you that you need their AI or Machine Learning solution. Are they worth the money? How do they work? Can they really perform the way the vendors promise? In this talk we'll demystify the terms being used and show you what Machine Learning really means. We'll cap things off with a real-time network traffic classification system built from scratch! David Hoelzer is currently completing a web-only training series on "Applied Machine Learning for Information Security" that will be released within the next few months. This is your chance to hear just a bit of what will be taught in this new class! For a copy of the Jupyter Notebook used by David during the first 60 minutes of the presentation, please visit https://github.com/dhoelzer/ShowMeThe.... The notebook and supporting data can be found in the Machine Learning folder. The notebook in that repository includes much greater detail and explanations of whats happening and the theory that was discussed. We look forward to building Machine Learning solutions together in SEC503 (https://www.sans.org/course/intrusion...) or in the upcoming Applied Machine Learning series! Speaker Bio David Hoelzer is a SANS fellow instructor, courseware author and dean of faculty for the SANS Technology Institute. In addition to bringing the GIAC Security Expert certification to life, he has held practically every IT and security role during his career. David is a research fellow in the Center for Cybermedia Research, the Identity Theft and Financial Fraud Research Operations Center (ITFF/ROC), and the Internet Forensics Lab. Currently, David serves as the principal examiner and director of research for a New York/Las Vegas-based incident response and forensics company and is the chief information security officer for an open source security software solution provider.