Using Domain Traffic to Identify Malicious Behavior in Cybersecurity

Presented by

Ashrith Barthur

About this talk

In this talk, we focus on Cybersecurity and build an AI solution that identifies malicious domains that are being accessed from your organizational network. Why is this important? Domains are fundamental and enable malicious behavior. These domains enable data-exfiltration, command and control, and PII theft. Therefore identifying and blocking malicious domains become the first step in breaking the kill chain. Here we explain the fundamental design and approach of modeling malicious behavior in domains, and an application that is capable of classifying malicious domains. We also show how one can provide a system for SoC operators to take a look at the output and make a quick decision. Speaker's Bio: Ashrith Barthur: Ashrith Barthur is the security scientist designing anomalous detection algorithms at He recently graduated from the Center of Education and Research in Information Assurance and Security (CERIAS) at Purdue University with a Ph.D. in Information security. He is specialized in anomaly detection on networks under the guidance of Dr. William S. Cleveland. He tries to break into anything that has an operating system, sometimes into things that don’t. He has been christened as “The Only Human Network Packet Sniffer” by his advisors. When he is not working he swims and bikes long distances.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (111)
Subscribers (19172) is the maker of H2O, the world's best machine learning platform and Driverless AI, which automates machine learning. H2O is used by over 200,000 data scientists and more than 18,000 organizations globally. H2O Driverless AI does auto feature engineering and can achieve 40x speed-ups on GPUs.