Presentation is loading. Please wait.

Presentation is loading. Please wait.

Machine Learning for Cyber Security

Published byЕвгений Милорадович Modified over 5 years ago

Similar presentations

Presentation on theme: "Machine Learning for Cyber Security"— Presentation transcript:

1 Machine Learning for Cyber Security
Unit : IOT device detection

2 Learning Objectives Taking a problem ML pipeline Raw data ML

3 IOT Device Detection IOT = Internet of Things Alexa Assistant IP Misc
Network Mobile ? Power Outlet camera IP TCP/IP Assistant Alexa Misc

4 What do we know? Classes? supervised? What are the features?
unsupervised? How much data do I have? Label? Vector Space Data

5 IOT data(40 features) Router F1 F2 F3 IP/TCP fields C S1 S2 S3 X Y F
X Y F SW S1 S2 Alexa Camera TCP/IP ✘ UDP/IP IP/TCP Network data pcap(Wireshark, TCP dump, libpcap)

6 Packet Eth IP TCP Payload ✓ ✓ feature

7 Sample Per packet basic Sample Window of time basic

8 Graph demo Vector space ML Data clean Evaluate

9 classes Supervised Identity MAC address Source IP Unsupervised

10 TCP/IP headers Source IP, if IP in camera_IPs, class=0 F1 F2 F40 S1 S2
Source IP, if IP in camera_IPs, class=0 X Y

11 Tshark and Python Vector space ML Data clean Evaluate WEKA
Feature extraction

12 Lab Goal is to extract features from pcap file Identify the feature
Write a python script List of IPs per IOT device for the classes 18 features

13 Lab environment Python Tshark WEKA Pcap Starter code
File Starter code Evaluate performance ML Select 3 algorithms Evaluate

14 Feature extraction Camera.pcap P1 P2 Camera Server Host Assistant
To use pcap Misc Mobile List of IPs Camera Server Host Alexa P1 P2

15 Graph Class Data vector Camera.pcap P1 features Camera /P1 P2
Vector space Camera.pcap /P1 P2 ML

16 Now we proceed to the code

17 Summary IOT Device Detection Lab Realistic data set Big data
Raw data => VSM ML pipeline WEKA

18

Download ppt "Machine Learning for Cyber Security"

Similar presentations

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
IPv6 at NCAR 8/28/2002. Overview What is IPv6? What’s wrong with IPv4? Features of IPv6 IPv6 will soon be available at NCAR How to use IPv6.

IPv6 at NCAR 8/28/2002. Overview What is IPv6? What’s wrong with IPv4? Features of IPv6 IPv6 will soon be available at NCAR How to use IPv6.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
CCNA 1 v3.1 Module 11 Review.

CCNA 1 v3.1 Module 11 Review.
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.

Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.
© 2006, The Technology Firm WWW.THETECHFIRM.COM Ethereal The Technology Firm.

© 2006, The Technology Firm Ethereal The Technology Firm.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
Automated malware classification based on network behavior

Automated malware classification based on network behavior
IP (Internet Protocol) –the network level protocol in the Internet. –Philosophy – minimum functionality in IP, smartness at the end system. –What does.

IP (Internet Protocol) –the network level protocol in the Internet. –Philosophy – minimum functionality in IP, smartness at the end system. –What does.
Connecting Networks © 2004 Cisco Systems, Inc. All rights reserved. Exploring How IP Address Protocols Work INTRO v2.0—4-1.

Connecting Networks © 2004 Cisco Systems, Inc. All rights reserved. Exploring How IP Address Protocols Work INTRO v2.0—4-1.
What is FORENSICS? Why do we need Network Forensics?

What is FORENSICS? Why do we need Network Forensics?
1 © 2004, Cisco Systems, Inc. All rights reserved. Chapter 4 Routing Fundamentals and Subnets/ TCP/IP Transport and Application Layers.

1 © 2004, Cisco Systems, Inc. All rights reserved. Chapter 4 Routing Fundamentals and Subnets/ TCP/IP Transport and Application Layers.
Chapter 1: Introduction to Web Applications. This chapter gives an overview of the Internet, and where the World Wide Web fits in. It then outlines the.

Chapter 1: Introduction to Web Applications. This chapter gives an overview of the Internet, and where the World Wide Web fits in. It then outlines the.
The Inter-network is a big network of networks.. The five-layer networking model for the internet.

The Inter-network is a big network of networks.. The five-layer networking model for the internet.
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 7 Internet Protocol (IP) Routing.

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 7 Internet Protocol (IP) Routing.
1 Chapter 3: Multiprotocol Network Design Designs That Include Multiple Protocols IPX Design Concepts AppleTalk Design Concepts SNA Design Concepts.

1 Chapter 3: Multiprotocol Network Design Designs That Include Multiple Protocols IPX Design Concepts AppleTalk Design Concepts SNA Design Concepts.
Private Network Addresses IP addresses in a private network can be assigned arbitrarily. – Not registered and not guaranteed to be globally unique Generally,

Private Network Addresses IP addresses in a private network can be assigned arbitrarily. – Not registered and not guaranteed to be globally unique Generally,
BAI513 - PROTOCOLS ARP BAIST – Network Management.

BAI513 - PROTOCOLS ARP BAIST – Network Management.
IP addresses IPv4 and IPv6. IP addresses (IP=Internet Protocol) Each computer connected to the Internet must have a unique IP address.

IP addresses IPv4 and IPv6. IP addresses (IP=Internet Protocol) Each computer connected to the Internet must have a unique IP address.

Similar presentations

Ads by Google