Abstract: Applied Natural Language Processing for cybersecurity: Taming the bleeding edge language models for practical security use cases
We have new and powerful natural language models cropping up almost every month, each with more than a billion parameters, capable of numerous open-ended human-like language tasks – like conjuring up crazy concoctions of realistic images from unrealistic human descriptions. But how can they be useful for practical purposes in the cybersecurity domain? Have we solved all the low hanging fruits related to existing security bottlenecks and automation of all kinds of security events analysis?
Following questions will be proposed to the panel for discussion:
1. Large Language Models – A new Moore’s Law? Can multibillion parameter models be finally used for practical infosec use cases?
2. Have we explored tried and tested NLP techniques being successfully used in other domains – for e.g. Topic Modeling in advertisement and SEO (Search Engine Optimization) industry – are these being successfully adapted for infosec use cases? What are other examples?
3. Infosec benchmark datasets for language modeling – is enough work being done here? How can we move the needle here?
4. Dangers and pitfalls of open-ended language models in infosec
Bio: Harini Kannan is a data scientist at Sophos AI. She has been in security data science for the last 5 years. She was previously the Principal Data Scientist at Capsule8, which was acquired by Sophos. She has given talks at Defcon AIVillage, CAMLIS, BlackHat (USA), ODSC -East, Data Science Salon, PyData (Boston), and Data Connectors. Her areas of research include detecting hardware-based attacks using performance counters, user behavior analysis, applied NLP, interpretable ML, and unsupervised anomaly detection.