[Dailydave] Machine Learning and Dimensions and stuff
nathan.landon at digitaloperatives.com
Fri Nov 21 10:58:40 EST 2014
Perhaps they took the video down based on your and Halvar's commentary?
On Nov 20, 2014, at 1:16 PM, Dave Aitel <dave at immunityinc.com> wrote:
> Dmitri pointed me at the above talk which is essentially a good
> specialized 101-level lecture on how machine learning works in the
> security space.
> There's not much to criticize in the talk! (It has a lot of the features
> of El Jefe!) They use a real graph database to run their algorithms
> against process trees - but if you wanted to heckle you'd ask "Doesn't
> the CreateProcess() system call also take "parent process" as an
> argument? What IS the rate of false positives? Because if you can't get
> it down to basically 0 then you are essentially wasting your time? etc." :>
> But again, nobody asked any hard questions - and while the talk nibbled
> around the edges of the tradeoffs with using machine learning techniques
> on this kind of data, it didn't go into any depth at all about which
> ones they've tried and failed at. It's a technical talk, but it's not a
> DETAILED talk in the sense of "Here's some outliers that show us where
> we fail and where we succeed and perhaps why".
> That said, if you don't have a plan to do this sort of thing, then
> you're probably failing at some level, so worth a watch. :>
> Dailydave mailing list
> Dailydave at lists.immunityinc.com