Detecting Cybersecurity Incidents with Machine Learning

Abstract: Data exfiltration, the unauthorized transfer of data from a computer or server, is increasingly becoming a concern for organizations. These incidents can be severely damaging: malicious actors can use them to steal customer data, proprietary information, financial details, and more. Detecting exfil events, however, is notoriously challenging. Network traffic data is too large to sift through manually, and the prevalence of legitimate data transfers makes it difficult to isolate malicious events. Machine learning provides a useful set of tools to automate the search for malicious activity. This talk describes the application of data science approaches to identifying exfil events. We discuss effective ways to frame the problem and choose an algorithm, leverage the underlying properties of the data, and incorporate feedback from stakeholders. Along the way, we uncover new understanding about network behavior.

Bio: Vasudha is a Senior Data Scientist at Rapid7, a cybersecurity company headquartered in Boston. She develops predictive models to better understand the nature of security threats and vulnerabilities, and works on automated ways to identify cyber attacks. Prior to this, Vasudha worked in retail analytics and quantum computing research. She has a PhD in physics from UC Berkeley and an SB in physics from MIT.