This paper gives an introduction to the high-level concepts of machine learning and the typical ways in which it is applied to attack detection in the cyber security industry. It covers the problems commonly encountered and gives practical examples derived from Countercept’s experience of applying machine learning techniques as part of its threat-hunting platform.
Machine learning in attack detection...
This paper will be of use to the following:
- CIOs/CISOs looking for a balanced view of the high-level strengths and weaknesses machine learning can bring to attack detection, outside of vendor marketing hype.
- Threat hunters and incident response teams looking to understand high-level technical detail on how software solutions using machine learning may fit into their wider attack detection and incident response toolsets.
- Penetration testers and red-team specialists looking to understand common approaches to attack detection using machine learning.