Machine Learning and Cyber Security - Detecting malicious URLs in the haystack

Traditional detection techniques such as blacklists and reputation scoring struggle to cope with an ever-evolving threat landscape; can Machine Learning be a sustainable alternative? Meanwhile, security teams are balancing access and freedom to the Internet for their users whilst trying to defend and protect. Traditional methods cannot possibly hope to cater for the sheer number of malicious websites that exist at any one time across the Internet, not to mention the various guises that may be adopted to entice a click or deliver a malicious payload. Enter Python and Data Science, the primary tools for leveraging Machine Learning that our presentation will explore for detecting Malicious URLs. Our talk will focus on how our team implements a data science process in order to develop effective machine learning models targeted at Cyber Security Detection and Blue Team capability. We will also shed light on the challenges faced by Cyber Security Data Scientists and how we hope to strengthen cyber security defences in the future.

By the end of our talk you will be able to:

1. Explain how Python and Machine Learning can assist Blue Teams and Cyber Defence;
2. Grasp some key tools used across the Data Science Process (i.e. Python, Pandas, Sklearn, etc.);
3. Understand how the Data Science Process can be applied to Malicious URL Detection;
4. Understand the successes and challenges of using Machine Learning in Cyber Security.

Who’s our audience?

• You are a security specialist interested in using Machine Learning;
• Python enthusiast interested in Machine Learning or Security.