Engineering seminar: Cyber ​​Storm Tracker – Using Machine Learning for Cyber ​​Log Data

Dr. Glenn A. Fink, a senior cyber sercurity researcher with Pacific Northwest National Laboratory (PNNL), will give the talk.

Cyber ​​logs are not human language, but of all the common data types used in machine learning (ML), natural language is the closest. But cyber log data is very different from natural lanuage. Log lines contain lots of random-looking garbage. IP addresses and other things frequently change definition. Punctuationh is all over the place. Domain names look like Windows Active Directory names, which look like many other cyber “nouns.” And the syntax and semantics of phrases and terms changes from sensor to sensor. This makes cyber data challenging to ingest into ML models.

Dr. Fink will talk about the work done at PNNL to ingest cyber logs into natural language processing tools using embeddings. He’ll also show how embeddings can be used as coordinates to show how IP addresses change behavior and relate over time. At the end, seminar attendees will understand why there are still not many true ML methods out there for cyber, and what the major challenges are ahead.

Dr. Find has worked in computer security, deep learning, visualization, bio-inspired design and human-centric computing at PNNL since 2006. He is the lead inventor of several technologies, including PNNL’s Digital Ants technology, which Scientific American cited as one of 10 “world-changing ideas” in 2010. Digital Ants recently earned an award for Excellence in Technology Transfer from the Federal Laboratory Consortium and was listed as a finalist for an R&D 100 award. His work includes research in bio-inspired, decentralized cyber security and privacy. He has published numerous scientific articles and papers, has edited a book and hosted several workshops on computer security, privacy and the Internet of Things.

Dr. Fink was a three-year NSF IGERT Graduate Fellow at Virginia Polytechnic Institute and State University, where he completed his Ph.D. in computer science in 2006. Dr. Fink’s dissertation, “Visual Correlation of Network Traffic and Host Processes,” fostered the Hone technology that is currently an open-source software project. Dr. Fink was a software engineer for 15 years at the Naval Surface Warfare Center in Dahlgren, Va., Where he worked on projects such as the Trident ballistic missile program, a unified ground-control station for unoccupied aerial vehicles, and a virtual operations network for rapid-deployment coalition warfare. Dr. Fink served for 11 years as an Army Reserve officer in the Signal Corps, where he attained the rank of captain and commanded a communications company.

Dial-In Information

Join Zoom Meeting

https://unr.zoom.us/j/86280728838?pwd=V05ub0h2dWpESjBRVVREcnhrSVhLQT09


Friday, April 8 at 12:00 pm

to 1:00 pm

Virtual Event

Leave a Reply

Your email address will not be published.

Back to top button