Machine Learning (ML) is a buzzword today and an increasing number of organizations are using it widely for different applications. The takeaway of this talk is that particular care needs to be taken when using ML to identify anomalous activity from the noise because, unlike many other problems the “data” itself is often under direct or indirect attacker control. Through illustrations of how different classes of ML algorithms used in security detections can be subverted and strategies to protect and monitor such systems, attendees will walk away armed with the knowledge that is necessary to make their ML application attack,resistant. To attend this talk, no prior knowledge of ML is required. While we focus on security detections, the hardening techniques used here can be applied to any generic business intelligence setting.

Back to Derbycon 2014 video list