In today's modern networks, many technologies are used to provide fast and stable communication between end users. Network infrastructure is the heart of communication and includes all nodes and the traffic passing through them. Therefore, it is vital to protect the infrastructure from internal and external attacks. In the cyber security field, an IDS (intrusion detection system) is responsible for detecting threats inside the infrastructure, and many open source and commercial IDSs are already available. These traditional IDSs have many flaws: they require regular updates and are signature-based, so attackers can bypass them, and their main weakness is that they are not able to detect zero-day attacks. Considering all these flaws, we consider a novel replacement that uses Machine Learning algorithms. Developing a system that identifies and determines attacks and threats in network infrastructure provides fast and timely information to network administrators. Such a system uses network traffic information and user behavior with Machine Learning algorithms to build a model; then, based on the obtained model, it identifies the types of attacks and threats and immediately notifies network administrators so they can take relevant action. The main features of such a system can be described as follows:
- Zero-day threat detection
- Fast (real time)
- Low memory footprint
- Tunable

This talk will give you a deep understanding of our approach as well as the proposed ML-based algorithms for tackling security flaws with the highest accuracy. Another key takeaway is the deployment models. This solution can be adopted in different infrastructures such as IPBB, Telecom, IoT, etc.
About Ali Abdollahi
Ali is an InfoSec engineer at Picnic Technologies B.V. and a researcher with a decade of experience working in a variety of fields. He was a trainer at OWASP summer of security 2020, 2021 July training and a reviewer for Springer Cluster Computing Journal as well as the 2021 Global AppSec US event. In addition, he was a speaker or trainer at IEEE AI-ML-Workshop-2021, SSD TyphoonCon, c0c0n2019, BSides Toronto, Budapest, Calgary, Newcastle, Barcelona, OWASP Ottawa chapter, Defcon RedTeam, AppSec and Aerospace villages, Confidence Conf2020, NoNameCon20, YASCon2020, COUNTERMEASURE Conference, DragonCon, etc.