Machine Learning Methods for Cybersecurity Jaime G. Carbonell Eugene Fink Mehrbod Sharifi.

Slides:



Advertisements
Similar presentations
1 Profit from usage data analytics: Recent trends in gathering and analyzing IVR usage data Vasudeva Akula, Convergys Corporation 08/08/2006.
Advertisements

Welcome to Keyboarding Pro DELUXE ® Get Started Get Started Create Your Student Record Create Your Student Record The Main Menu The Main Menu Send Files.
AVG Internet Security 7.5 Product presentation.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
Machine Learning Methods for Personalized Cybersecurity Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Applying machine learning and artificial intelligence.
1 of 4 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
Personalized Cybersecurity for Dummies Jaime G. Carbonell Eugene Fink Mehrbod Sharifi Application of machine learning and crowdsourcing to adapt cybersecurity.
IBM Security Network Protection (XGS)
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
CMU Usable Privacy and Security Laboratory Power Strips, Prophylactics, and Privacy, Oh My! Julia Gideon, Serge Egelman, Lorrie.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 15: Internet Explorer and Remote Connectivity Tools.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
Man in the Middle attacks and ARP poisoning explained
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Detection of Internet Scam Using Logistic Regression
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Privacy Preferences Edgardo Vega Usable Security – CS 6204 – Fall, 2009 – Dennis.
Ch 11 Managing System Reliability and Availability 1.
LGC Website and Customer On-line Tools LGC RESOURCE 2014.
Web Spoofing John D. Cook Andrew Linn. Web huh? Spoof: A hoax, trick, or deception Spoof: A hoax, trick, or deception Discussed among academics in the.
Challenges in Information Retrieval and Language Modeling Michael Shepherd Dalhousie University Halifax, NS Canada.
Alexander Consulting Enterprise 9/7/2015 Marketing Research in Global Markets Why Bother?
Using Windows Firewall and Windows Defender
Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.
GrIDS -- A Graph Based Intrusion Detection System For Large Networks Paper by S. Staniford-Chen et. al.
1 Guide to Novell NetWare 6.0 Network Administration Chapter 13.
Web Browser Security Prepared By Mohammed EL-Batta Mohammed Soubih Supervised By Eng. Eman alajrami Explain Date 10. may University of Palestine.
Welcome to Keyboarding Pro DELUXE ® Get Started Get Started Create Your Student Record Create Your Student Record The Main Menu The Main Menu Send Files.
MANAGEMENT SUPPORT SYSTEMS II 7. Business Intelligence.
1 Chapter Overview Using the New Connection Wizard to configure network and Internet connections Using the New Connection Wizard to configure outbound.
Microsoft Internet Explorer and the Internet Using Microsoft Explorer 5.
©2010 John Wiley and Sons Chapter 12 Research Methods in Human-Computer Interaction Chapter 12- Automated Data Collection.
Database-Driven Web Sites, Second Edition1 Chapter 5 WEB SERVERS.
Windows Vista Inside Out Chapter 22 - Monitoring System Activities with Event Viewer Last modified am.
MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # ) Chapter Four Windows Server 2008 Remote Desktop Services,
 This guide will cover the process of connecting to VPN Server with the Desktop Client.
Log files presented to : Sir Adnan presented by: SHAH RUKH.
Enabling ActiveX® in your Internet Explorer Futures Tech KG Department Academic Year 2014/2015.
Application Layer Khondaker Abdullah-Al-Mamun Lecturer, CSE Instructor, CNAP AUST.
Logging into a Remote Desktop Connection. Connecting to ‘Remote Desktop Connection’ through the application.
Scanning & Enumeration Lab 3 Once attacker knows who to attack, and knows some of what is there (e.g. DNS servers, mail servers, etc.) the next step is.
Application of Machine Learning and Crowdsourcing to Detection of Cyber Threats Jaime G. Carbonell Eugene Fink Mehrbod Sharifi.
Evaluating & Maintaining a Site Domain 6. Conduct Technical Tests Dreamweaver provides many tools to assist in finalizing and testing your website for.
Administering Microsoft Windows Server 2003 Chapter 2.
The Diagnostic Pathfinder System Introduction Getting Started.
Introduction Web analysis includes the study of users’ behavior on the web Traffic analysis – Usage analysis Behavior at particular website or across.
ITMT Windows 7 Configuration Chapter 7 – Working with Applications.
IT Desktop Management GoToMeeting – Online Meeting Service Attendee Guide May 2007 Prepared by Angela Mars IT Education and Training.
IV&VS Capabilities. 2 V IRTUAL USER GENERATOR 3 V IRTUAL U SER T ECHNOLOGY AND ADVANTAGES  Simulates a real user  Requires less resources – machines.
IT Desktop Management GoToMeeting – Online Meeting Service Organizer/Presenter Guide May 2007 Prepared by Angela Mars IT Education and Training.
C Copyright © 2006, Oracle. All rights reserved. Oracle Secure Backup Additional Installation Topics.
Windows Vista Configuration MCTS : Internet Explorer 7.0.
Step # 5: Conclusion Step # 4: Collect & Analyze Data Step # 3: Experiment Step # 2: Hypothesis Step # 1: Problem Scientific Method.
Accessing the Intranet
Marketing Research in Global Markets
5 In the Survey Options section, click an option to determine whether users' names will appear in survey results, and then whether users can respond to.
Web Application Penetration Testing ‘17
5 In the Survey Options section, click an option to determine whether users' names will appear in survey results, and then whether users can respond to.
100% REAL EXAM QUESTIONS ANSWERS
Detection of Internet Scam Using Logistic Regression
Real-time protection for web sites and web apps against ATTACKS
Market Research ... Before you do anything in marketing you first have to do Market Research – the gathering, recording, analysing, and presenting information.
CIT 480: Securing Computer Systems
5 In the Survey Options section, click an option to determine whether users' names will appear in survey results, and then whether users can respond to.
SDLC (Web).
Intro to Ethical Hacking
Intro to Ethical Hacking
Access eJournals Form Your Home
Student: Ravi Arvapally, Computer Science Department
SDLC (Web). SDLC (Web) Note. 1: Building Web Applications with UML, Jim Conallen Note *1: Building Web Applications with UML, Jim Conallen. Addison.
Presentation transcript:

Machine Learning Methods for Cybersecurity Jaime G. Carbonell Eugene Fink Mehrbod Sharifi

 Automatically adjust security settings based on personal and contextual information  Apply crowdsourcing to detect “advanced” threats that go beyond software attacks, such as scams, rip-offs, and wrong info 2 Application of machine learning and crowdsourcing to adapt cybersecurity tools to the needs of individual users. Research goals

 Personalized security settings  Help the user with security decisions  Adapt to the user needs and preferences  Crowdsourced threat detection  Offer users the option to enter their opinions and warnings about web pages  Automatically analyze the user opinions and combine them with other indicators 3 Initial work

Inflexibly engineered tools with “too much security” and insufficient customization.  Settings and prompts are confusing for nontechnical users  Many users are unable to customize security tools and always respond yes to prompts For example, 90% ignored the certificate issue of IE7 for banking tasks (Sunshine et al., 09). 4 Security problems

 Represent relevant data by a set of models  Learn probabilistic graphical model and use inference 5 E T K U S Q H Third-party model Task model User model User-knowledge model Questions Security-setting model E1 Start End A0 A1 A2 E2 A3 E1. Is more information needed? E2. Is making decision on behalf of the user possible? Yes No A0. Identify the user and context. A1. Collect more observations or ask targeted questions. A2. Answer security questions or adjust security settings. A3. Explain the options in more understandable terms. Personalized security settings History

6 PSA: Personal security assistant

 Dialog box helper  Record the user responses to dialog boxes  : Make decisions on behalf of the user, based on the learned preferences and the current context  : Provide customizable explanations 7  Learning from the user behavior  Log the user activity  Transmit the data to the server

 Collect metrics for web hosts: IP addresses, whois info, blacklists, …  Aggregate user notes  Enable users to provide notes on their experiences with specific web pages  Summarize available notes  Analyze sentiments and biases  Integrate collected metrics, user-note analysis, and other available indicators 8 Crowdsourced threat detection

A browser plug-in for the gathering, sharing, and integration of opinions and warnings about web pages. 9 Available at SmartNotes

10

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.