YoVDO

Transfer Learning - Repurposing ML Algorithms from Different Domains to Cloud Defense

Offered By: RSA Conference via YouTube

Tags

RSA Conference Courses Cybersecurity Courses Machine Learning Courses Transfer Learning Courses Representation Learning Courses

Course Description

Overview

Explore transfer learning applications in cybersecurity during this 46-minute RSA Conference talk by Mark Russinovich, Chief Technology Officer of Azure at Microsoft. Discover how machine learning algorithms developed for other domains can be repurposed to enhance cloud defense strategies. Learn about Microsoft's cloud security scale, traditional versus transfer learning approaches, and practical examples of applying transfer learning to detect malicious network activity in Azure and malicious PowerShell commands. Gain insights into ensemble tree learning, deep learning techniques, and neural fuzzing for improved security. Understand how these innovative approaches can be applied to your own cyber-defense efforts, with real-world examples such as the WannaCry attack timeline and readelf dataset analysis.

Syllabus

Intro
Leveraging intelligence across product lines
Microsoft's cloud security scale - Daily numbers
Textbook ML development
Traditional versus Transfer learning
Why transfer learning
Detecting malicious network activity in Azure Core Concept: Achieve transfer leaming by grouping similar tasks
Ensemble Tree Learning applications at Microsoft
Input data
Tree Ensembles - Algorithm
Tree Ensembles - Training
Tree Ensembles - Testing
Model performance and productization Model trained at regular intervals
Bonus Classifier can be used as an effective canary for emerging attacks
WannaCry Attack Timeline
Detecting Malicious PowerShell commands Core Concept: Transposing existing security problem into an already solved problem from another domain
PowerShell command lines - difficult to detect
Microsoft's Deep Learning toolkit (CNTK) applications
Deeper learning = representation learning
Technique overview
Neural Fuzzing Core Concept: Transposing existing security problem into an already solved problem from another domain
Seq2Seq Neural Architecture
Improved fuzzing intuition
readelf dataset example
Example readelf 2.28 model
Analysis by GDB exploitable plugin Target: Linux readelf 2.28
Readelf model performance over 48h and productization
Conclusion
Resources


Taught by

RSA Conference

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network