Today, security teams are in an increasingly one-sided battle to defend against a myriad of cyber attacks. Web-based attacks are often devastating, and conventional blacklists and reputation-based defence tactics are unable to identify previously unseen malicious URLs. Is AI the solution?
Traditional detection techniques such as blacklists and reputation scoring struggle to cope with an ever-evolving threat landscape; can Machine Learning be a sustainable alternative? Meanwhile, security teams are balancing their users' access to and freedom on the Internet against the need to defend and protect them. Traditional methods cannot possibly hope to cater for the sheer number of malicious websites that exist at any one time across the Internet, not to mention the various guises that may be adopted to entice a click or deliver a malicious payload. Enter Python and Data Science, the primary tools for leveraging Machine Learning, which our presentation will explore for detecting malicious URLs. Our talk will focus on how our team implements a data science process in order to develop effective machine learning models targeted at Cyber Security Detection and Blue Team capability. We will also shed light on the challenges faced by Cyber Security Data Scientists and how we hope to strengthen cyber security defences in the future.
By the end of our talk you will be able to:
- Explain how Python and Machine Learning can assist Blue Teams and Cyber Defence;
- Grasp some key tools used across the Data Science Process (e.g. Python, Pandas, Sklearn);
- Understand how the Data Science Process can be applied to Malicious URL Detection;
- Understand the successes and challenges of using Machine Learning in Cyber Security.
Who’s our audience?
- You are a security specialist interested in using Machine Learning;
- You are a Python enthusiast interested in Machine Learning or Security.
Watch 'Machine Learning and Cyber Security - Detecting malicious URLs in the haystack' on PyCon AU's YouTube account
Alistair is a Data Scientist currently working in the Cyber Security domain, namely Identity and Access Management. He enjoys exercise, cooking, and data science, not to mention AFL and most sports. In his spare time, he may also put together a comedy video or two.
Part-time deep learning research student currently working in the information security domain. Enjoys random strolls and food hunting in foreign cities.