Mark Ryan Del Moral Talabis: The Security Analytics Project: Alternatives in Analysis - a podcast by Jeff Moss

from 2022-02-22T11:05:37.735280


With the advent of advanced data collection techniques in the form of honeypots, distributed honeynets, honey clients and malware collectors, data collected from these mechanisms has become an abundant resource. One must remember, though, that the value of data is often only as good as the analysis technique used.

In this presentation, we will describe a number of alternative analysis techniques adopted from statistics, AI, data mining, graphics design, pattern recognition and economics. We will also show how security researchers can utilize tools from other disciplines to extract valuable findings to support security research work.

This presentation hopes to be an eye-opener for security practitioners, showing that there are many more techniques, tools and options beyond the security research field that they can use in their work. Hopefully, this will be the groundwork for a cross-discipline collaborative project that will help identify more techniques for security research and analysis.

Some of the techniques that we will talk about are the use of various clustering algorithms to classify attacks, predicting attacks by using learning algorithms, detecting attacks through artificial intelligence, determining attack trends using pattern recognition, and advanced visualization for attack analysis.

Among the tools that we will demonstrate are readily available open source tools like WEKA, Tanagra, and R Project that have not traditionally been used in security research but have great potential in it.

This presentation will be useful for those in security research, honeypot development and forensics.

Further episodes of Black Hat Briefings, USA 2007 [Video] Presentations from the security conference.
