Bye-Bye False Positives - Using AI to Improve Detection

Explore advanced AI-based techniques for improving intrusion detection systems and reducing false positives in this BSidesSF 2019 conference talk. Delve into the limitations of traditional IPS/IDS solutions and discover how neural networks can revolutionize detection mechanisms. Learn about various AI-based injection detection architectures, with a focus on a specific implementation using recurrent neural networks for SQL injection detection. Gain insights into representing injections as time series, normalizing queries, and applying bidirectional recurrent neural networks with LSTM cells. Examine the impressive 96.07% false positive detection quality achieved using this method. Understand the practical application of these techniques in production environments and acquire knowledge to build your own RNN network for detection. Walk away with a comprehensive understanding of modern AI injection detection methods, training and testing methodologies, and strategies for improving accuracy in intrusion detection systems.

Introduction
Goals
Scope Limitations
Application of Neural Networks
Watson Payload
Parser Mechanics
Implementation
Neural Networks
Architecture
Availability
Tuning
Whats next