ML in Security: Suspiciously Named Processes

Screenshot 2023-05-08 at 8.49.44 PM.png

Kumar Sharad, Sr. Threat Researcher, and Abhinav Mishra, Principal Applied Scientist, explain the motivation and goals for ML based detection in ESCU, highlighting the benefits of using pre-trained models over live-trained models. Then they dive into a specific example of how Splunk is using Deep Learning to detect suspiciously named processes and how to deploy it using the Splunk App for Data Science and Deep Learning (DSDL). Finally, they touch on how this comes together in ESCU and discuss additional resources.

Watch this tech talk to learn:

How to leverage Deep Learning models to detect suspiciously named processes
The design of a RNN based character-level model at the heart of the detection
How to use the pre-trained model via the DSDL app

Tech Talk part I:

Tech_talk_MLinSecurity_SuspiciouslyNamed Processes_1.mp4

Video Player is loading.

Current Time 0:00

Duration 0:00

Loaded: 0%

Stream Type LIVE

Remaining Time 0:00

(view in My Videos)

Tech Talk part II:

Tech_talk_MLinSecurity_SuspiciouslyNamed Processes_2.mp4

Video Player is loading.

Current Time 0:00

Duration 0:00

Loaded: 0%

Stream Type LIVE

Remaining Time 0:00

(view in My Videos)

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Get Updates on the Splunk Community!

ML in Security: Suspiciously Named Processes

Learn Splunk Insider Insights, Do More With Gen AI, & Find 20+ New Use Cases You Can ...

Buttercup Games: Further Dashboarding Techniques (Part 7)

Stay Connected: Your Guide to April Tech Talks, Office Hours, and Webinars!