Abstract: Cybercrime is one of the fastest-growing existential threats to businesses worldwide, with more than $10 billion in damages in 2022 alone. Cybercriminals are among the most innovative groups on the internet, constantly changing and adapting their attack patterns to avoid detection. Defenders need to uplevel their game to keep up.
At Abnormal Security we build machine learning systems that detect cyberattacks. In this talk I'll showcase some example attacks we see, including QR code attacks, vendor compromises, and lateral phishing, and highlight the strategies we use to stop them. We'll begin with the traditional view of attack detection based on indicators of compromise (IOCs), and explore how an anomaly detection-based approach can improve precision and recall. We'll then discuss strategies for deploying neural networks and large language models to increase the precision of cyberattack detection.
How to detect cyberattacks with machine learning.
Bio: As the Head of Machine Learning at Abnormal Security, Dan builds cybercrime detection algorithms to keep people and businesses safe. Before joining Abnormal, Dan worked at Twitter: first as an ML researcher working on recommendation systems, and then as the head of web ads machine learning. Before Twitter, Dan built smartphone sensor algorithms at TrueMotion and computer vision systems at the Serre Lab.