Sun Tzu famously said, “To know your enemy, you must become your enemy.” This adage rings even louder when we are faced with cyber security issues, an endemic problem of the digital era. At the Data Science Club we also believe that the concepts of Machine Learning can come in handy in situations where you want to analyze threats and anomalies in a system.
With this thought in mind, we organized our last event of Fall '19 - Big Connect: Role of Data Science and ML in Cyber Security.
The guest speaker for the event was Mr. Sravan Ankaraju, CEO of Divergence.AI. His talk was a tour de force that generated curiosity among the audience about how they, as future data scientists, can contribute towards making the web a safer place to browse. It was a very interactive session in which he mainly focused on how machine learning comes into the picture when there is a hack in your system. These techniques come under the bigger umbrella of 'Threat Intelligence'. A big challenge in collecting and analyzing intelligence has always been scalability - that is where cloud computing comes to the rescue.
He opened his talk by explaining the infamous 'Hammertoss' malware - a backdoor used by Russian hackers that uses social media sites such as Facebook and Twitter to post images that hide code, which starts to execute when a user clicks on the image. The malware code hacks into the user's system and transfers the user's data to a remote location. Since all this happens amid a large volume of network traffic, its path is very hard to detect. Thankfully, technology has caught up to deal with this type of threat.
He also emphasized Microsoft's Azure services and how useful they can be when you integrate Microsoft's Threat Intelligence tools and packages (e.g. msticpy) with Jupyter notebooks.
He also enlightened the audience on how Azure Sentinel, a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution, can be helpful in investigating threats with artificial intelligence and hunting for suspicious activities.
He also showed a couple of demos on how to detect and analyze anomalous activities happening in the network. The stage was then set for him to expound upon how Machine Learning can be used to generate automated detection without generating any false positives. The concepts of Transfer Learning, which uses simulated environments to solve real-world problems, and Neural Fuzzing are relatively new but hold great potential to replace reinforcement learning and unsupervised learning as techniques of the future.
We as a club always strive to share relevant knowledge, and it feels gratifying to see the response of the students. It is always good to work with a team that has such enthusiastic Officers and Volunteers who keep the momentum going. Thanks to everyone who attended the event.