In this talk, we focus on cybersecurity and build an AI solution that identifies malicious domains being accessed from your organizational network. Why is this important? Domains are fundamental to malicious behavior: they enable data exfiltration, command and control, and PII theft. Identifying and blocking malicious domains therefore becomes the first step in breaking the kill chain.
Here we explain the fundamental design and approach of modeling malicious behavior in domains, and present an application capable of classifying malicious domains. We also show how to provide a system that lets SOC operators review the output and make a quick decision.
Speaker's Bio:
Ashrith Barthur:
Ashrith Barthur is the security scientist designing anomaly detection algorithms at H2O.ai. He recently graduated from the Center of Education and Research in Information Assurance and Security (CERIAS) at Purdue University with a Ph.D. in information security. He is specialized in anomaly detection on networks under the guidance of Dr. William S. Cleveland. He tries to break into anything that has an operating system, and sometimes into things that don’t. He has been christened “The Only Human Network Packet Sniffer” by his advisors. When he is not working, he swims and bikes long distances.