Share these talks and lectures with your colleagues
Invite colleaguesCase study
Home-grown machine learning implementation for a SIRT: A use case — detecting domain-generating algorithms
Cyber Security: A Peer-Reviewed Journal,
5
(1),
66-79
(2021)
Abstract
There is a flurry of discussion, press and vendors explaining how helpful data science techniques can assist in cyber security defence; however, there is little information available about how to effectively leverage and implement data science techniques within a company’s cyber security defence team. The goal of this paper is to empower security incident response teams (SIRTs) to seamlessly build, deploy and operate ML solutions at scale. Our proposed solution is designed to cover the end-to-end ML workflows. Take-aways include managing and deploying a prediction pipeline, training data, prediction model evaluations and continuously monitoring these deployments to assist in SIRTs’ ability to defend and thwart cyber security attacks. An additional use case of implementing a machine learning (ML) application to predict domain-generating algorithms with the integrated data science pipeline and platform is also discussed and used as a reference.
Keywords: data science; machine learning (ML); blue team; domain-generating algorithms (DGAs)
The full article is available to subscribers to the journal.
Author's Biography
Brennan Lodge has spent more than a decade working in the financial industry specialising in cyber security and data science. He has held cyber security, data scientist and leadership roles at JP Morgan Chase, the Federal Reserve Bank of New York, Bloomberg and Goldman Sachs. Brennan holds a Master’s degree in business analytics from New York University and a BS in management information systems from Temple University. He has previous experience as a data science instructor in both R and Python. Along with multiple publications, Brennan has presented at data science and cyber security conferences.
