Tecflix

Machine Learning for Security Applications: Why? Get Free Access Purchase the entire course

31 August 2019 · · 538 views

The Future Series (2019)

Hugh Simpson-Wells Interviews Rafal Lukawiecki about Machine Learning for Security Applications

Machine learning is not yet widely used for IT security purposes, however, it has significant potential in that area. Rafal Lukawiecki suggested several theoretical applications at Microsoft conferences (TechEd) in early 2000’s. One that seems quite relevant today is to let an IT system monitor itself by looking for unusual behaviour, by implementing a live anomaly detection solution based on a machine learned, cluster model of normal behaviour. While at the time this was not practical, building such a system would be relatively easy nowadays. There are many algorithms, besides clustering, that could be of help today.

Hugh Simpson-Wells, Founder and CEO of Oxford Computer Training, a company that specialises in IT security, and leads in identity management using Microsoft solutions, interviews Rafal, whose expertise is machine learning, to find out how practical it would be to bring the two disciplines together.

There are some obvious areas, like security log analysis, which, however, still pose challenges when applied in the “real world”. The main concern is how to handle false positives—the current approaches are mediocre at best, and either cause too much frustration for users, or end up missing out too many potential security breaches. Balancing the two opposites is not easy, and it will require more than just machine learning: applying a solid, logic-based framework, perhaps based on existing security policies that identity management systems thrive on.

There are interesting opportunities for the future: password-less authentication and wider use of probabilistic, including ML-derived security threat analysis, is well already under way. Unfortunately, these approaches are very susceptible to adversarial machine learning that we have already discussed in an earlier video in this series.

Above all, it is clear that relying on machine learning, which is always somewhat uncertain about the decisions it makes and which is built by gathering sensitive and personal data, needs better governance to ensure that human rights are not breached—this will require wise involvement of government and judicial systems around the world.

If you are interested in getting started with ML for security, perhaps even to build Security AI, make sure to watch the very next video in this series.

Log in or register for free to play the video.

Purchase a Full Access Subscription

 
Individual Subscription

$480/year

Access all content on this site for 1 year.
Purchase
Group Purchase

from $480/year

For small business & enterprise.
Group Purchase
 
  • You can also redeem a prepaid code.
  • Payments are instant and you will receive a tax invoice straight away.
  • We offer sales quotes/pro-forma invoices, and we accept purchase orders and bank transfers.
  • Your satisfaction is paramount: we offer a no-quibble refund guarantee.
  • See pricing FAQ for more detail.
In collaboration with
Project Botticelli logo Oxford Computer Training logo SQLBI logo Prodata logo