Developers are showing more interest in using Machine Learning (ML) to automate threat-hunting. Photo: Courtesy of Big Stock.com |
Anomaly Detection – The Early Days
When we talk about security, we want a system that can separate good from bad, normal from abnormal. Therefore, it is quite natural to apply anomaly detection to security...
The Rise of Big Data
After 2000, developers and researchers began creating spam, phishing, and URL filtering systems based on supervised learning. In supervised learning, decisions are based on comparing a set of data (or labels) against a perceived threat. One such example is a URL blacklist, where incoming e-mail is matched against a list of undesirable URLs and rejected if it matches a label on the list. A supervised learning algorithm analyzes the data and produces an inferred function (i.e., this traffic behavior matches this input data, therefore it is bad), which can be used for mapping new examples.
Read more...
Source: SecurityInfoWatch