Splunk Tech Talks
Deep-dives for technical practitioners.
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
New Article

ML in Security: Suspiciously Named Processes

WhitneySink
Splunk Employee
Splunk Employee
‎05-08-2023 07:54 PM

Screenshot 2023-05-08 at 8.49.44 PM.png

Kumar Sharad, Sr. Threat Researcher, and Abhinav Mishra, Principal Applied Scientist, explain the motivation and goals for ML based detection in ESCU, highlighting the benefits of using pre-trained models over live-trained models. Then they dive into a specific example of how Splunk is using Deep Learning to detect suspiciously named processes and how to deploy it using the Splunk App for Data Science and Deep Learning (DSDL). Finally, they touch on how this comes together in ESCU and discuss additional resources.

Watch this tech talk to learn:

  • How to leverage Deep Learning models to detect suspiciously named processes
  • The design of a RNN based character-level model at the heart of the detection
  • How to use the pre-trained model via the DSDL app

Tech Talk part I:

Tech_talk_MLinSecurity_SuspiciouslyNamed Processes_1.mp4
Current Time 0:00
Duration 0:00
Loaded: 0%
Stream Type LIVE
Remaining Time 0:00
 
1x
    • Chapters
    • descriptions off, selected
    • captions off, selected
      (view in My Videos)

      Tech Talk part II:

      Tech_talk_MLinSecurity_SuspiciouslyNamed Processes_2.mp4
      Current Time 0:00
      Duration 0:00
      Loaded: 0%
      Stream Type LIVE
      Remaining Time 0:00
       
      1x
        • Chapters
        • descriptions off, selected
        • captions off, selected
          (view in My Videos)

          Labels
          0 Karma
          Get Updates on the Splunk Community!

          See your relevant APM services, dashboards, and alerts in one place with the updated ...

          As a Splunk Observability user, you have a lot of data you have to manage, prioritize, and troubleshoot on a ...

          Index This | What goes away as soon as you talk about it?

          May 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s ...

          What's New in Splunk Observability Cloud and Splunk AppDynamics - May 2025

          This month, we’re delivering several new innovations in Splunk Observability Cloud and Splunk AppDynamics ...
          Top