Abstract: Machine learning is proving to be an important tool against cyber attacks, especially in finding zero day threats and in behavioral threat detection. Here, we will see how a couple of bugs that exploit critical vulnerabilities in modern computer processors, namely "Meltdown" and "Spectre" that were released in early 2018, took the cyber world by storm. These hardware vulnerabilities allow programs to steal data that is processed on the computer. We will see the Jupyter notebook that demonstrates the entire process of raw cpu data collection, data wrangling, machine learning experiments and final model selection to successfully detect the Spectre and Meltdown attacks when it is happening real time in a Linux system. The final machine learning model is the basis for the actual threat detection strategy that is engineered into the security product.
Bio: Harini Kannan is a data scientist at cybersecurity company Capsule8, where she applies her skills in statistics, visualization, machine learning and deep learning to threat detection and computer security problems. Before joining Capsule8, Harini obtained her M.S in Business Statistics from University of Texas, Arlington.
Data Scientist | Capsule8