Transfer Learning - Repurposing ML Algorithms from Different Domains to Cloud Defense
Offered By: RSA Conference via YouTube
Course Description
Overview
Syllabus
Intro
Leveraging intelligence across product lines
Microsoft's cloud security scale - Daily numbers
Textbook ML development
Traditional versus Transfer learning
Why transfer learning
Detecting malicious network activity in Azure - Core Concept: Achieve transfer learning by grouping similar tasks
Ensemble Tree Learning applications at Microsoft
Input data
Tree Ensembles - Algorithm
Tree Ensembles - Training
Tree Ensembles - Testing
Model performance and productization - Model trained at regular intervals
Bonus - Classifier can be used as an effective canary for emerging attacks
WannaCry Attack Timeline
Detecting Malicious PowerShell commands - Core Concept: Transposing existing security problem into an already solved problem from another domain
PowerShell command lines - difficult to detect
Microsoft's Deep Learning toolkit (CNTK) applications
Deeper learning = representation learning
Technique overview
Neural Fuzzing - Core Concept: Transposing existing security problem into an already solved problem from another domain
Seq2Seq Neural Architecture
Improved fuzzing intuition
readelf dataset example
Example readelf 2.28 model
Analysis by GDB exploitable plugin - Target: Linux readelf 2.28
Readelf model performance over 48h and productization
Conclusion
Resources
Taught by
RSA Conference
Related Courses
Computer Security - Stanford University via Coursera
Cryptography II - Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story - University of London International Programmes via Coursera
Building an Information Risk Management Toolkit - University of Washington via Coursera
Introduction to Cybersecurity - National Cybersecurity Institute at Excelsior College via Canvas Network