
Yeah, I guess we'll go ahead and get started. I think that most of the stragglers have made their way in. I get the coveted last session of the day, right before all the door prizes, so you guys are the few and the proud right now. It's going to be important, with such a small crowd, to have this a little bit interactive. I don't intend on standing up here and speaking... we okay? You got me? Okay, cool. It's going to be important for this to be a little bit interactive or it's going to be really boring, so I hope there's a few of you that don't mind me kind of using you as a point in the audience, maybe help me make a couple of my points. If you don't want to be that person, then just pretend it's like somebody is asking you to pray in Sunday school and just look at the floor, and then we'll be good.

Okay, so I want to talk to you a little bit today about machine learning and AI. Kind of the underlying theme, though, is the machines are really not out to get us; they actually help us do our jobs more effectively. A little bit about me. I'll leave that up for a minute or so, in case you want to grab my email if you have any questions or want any further clarification. I am not an expert on this topic. I am an avid researcher and interested in the subject, but I'll be glad to share any of the things that I've learned. I'll be glad to share my slide deck with you too. I don't know if they're sharing the slides as a part of this or not, but send me an email and I'll be glad to send it to you.

So who's used machine learning? Show of hands. Oh, wait, a few. You probably all use machine learning. Have you ever been surprised when you posted a photo to Facebook and it said, would you like to tag so-and-so? Who's had that happen to them? You use machine learning. Who's used Siri or Google Now voice recognition? That's commonplace, right? You've used machine learning. Netflix suggestions: it's always anime and superheroes for me, yes, I'm that kind of nerd. Spam filtering for your email. You don't even turn this on anymore, right? For most web-based email services, Outlook.com, Hotmail, Yahoo, it just works, right? You don't get as much spam as you used to. Machine learning, yep, you've used it. So now, by show of hands, who's used machine learning? Almost everybody, right? Everybody uses machine learning; you just didn't really label it as machine learning.

So why the machines? The machines are faster, they have more memory over a longer period of time, and they can notice details that we cannot notice as humans. Who has done the wonderful job of being a security operations center analyst, or an analyst for any sort of security stuff? It's not easy, right? Picking through a haystack. You've got lots of data to look through. How do you weed through the mountains of logs? Well, everybody really kind of knows that we don't do a real good job of that, so let's see if the computers can help us a little bit. But in order to kind of set the context for how computers can help us do security-related tasks, I want to lead you through a couple of exercises so you kind of understand how machine learning works, and then I'll tell you about a couple of flavors of machine learning, and then we'll talk about a few use cases, wrap it up, and get you guys off to the door prizes.

My dad is the car guy, Mr. Shinato. He was born in 1948, so he was about eight years old when these really cool Chevy cars came out. He's a Chevy fan, and early on I saw a lot of hot rods. But I was born in 1971, so it's about 20 years later; as I'm a young kid I'm starting to see these cool cars. A '57 Chevy: who's seen one, or could probably pick one out, right? And I asked my dad, what's the difference with the '57 Chevy? Why is it so much more popular than the others? Well, he kind of
started telling me these little differences in the car models. So as I show these, some of you that know these cars will pick out which one is which. There's three models here: one is a '55, one is a '56, and one is a '57. Anybody know what that is? Any guesses? '55, right in the back, absolutely, yes. '55: the tailfins aren't tall, and the chrome is flat on the side trim. You probably know this one, right? This is the popular one of the three, right? The '57: tall fins, sharp angle here, and this wide dipping side trim, and then this wide panel right here. Very interesting features of these cars are distinguishing, right? And then of course that leaves us with the '56, right? The trim, the fin does not have a sharp angle, it's flat, more like the '55, but the side decals go down. Some fairly distinguishing features for these three cars.

What if I looked through these three pictures and I told you, well, the '55 is the '55 because of the blue? Would that make any sense? Right, the wrong features, but it is a differentiator between the '55, '56 and '57 models that I put up here, right? These two are red, therefore we might conclude by looking at some features that they're the same. They also have silver trim. These two have the same wheels, similar front end; if you look at a '56 and '57 front end, they look very similar, right? So your brains are now starting to think about features: how do we tell the differences between things?

I'll lead you to another exercise that's a little more involved. What are these? So everybody gets to join in as I show these pictures. What is this? It's a chair. How do you know that's a chair? Somebody tell me one thing. It's what? Four legs and a back. Okay, I'll buy that, those are pretty good features. All right, what else makes this a chair, just by looking at that? I mean, we know that chairs are things you sit in. It's flat, so it's somewhere between 18 and 24 inches, the horizontal surface. Okay, I'll buy that, that's a good feature. What else? It's human-sized, it has a good form for its function. Sure, yeah. What else? Anything else? One user. Okay, I'll buy that; that'll make a little more sense when we talk about some other things here in just a minute.

What is this? It's a chair, right? It meets the requirements, right? Seat height, butt size, four legs, it's got a back, horizontal surface, meets all the features. What's this? Is this a chair? I'm going to call it a chair. It's almost just like the first one, right? Very similar features. Oh, here's a different one. Is this a chair? What about this one? It's a bit different, though, right? So think about the process as we're learning this, and we'll get to this next set of pictures; it'll kind of throw you a little bit for a loop. These are all chairs, right? Should be blatantly obvious, I've given you an entire slide full of chair pictures. But what did we do? We came up with distinguishing features for what makes a chair. Now, oh, that's a chair, okay, and we'll call it that. So we knew this because we have processed a lot of images of chairs through our pattern recognizers, our brains, and we are given features. But, I mean, most of us don't remember when we didn't know what a chair was, right? So we know what chairs are just intuitively, because we've processed a lot of images.

What's that? It's what? It's got four legs, it's got the right height, it's got a horizontal surface. So what feature are we missing that distinguishes this as a stool and not a chair? It's got a back, right? But we know this is a stool. What is this? So, okay, we've had a pattern recognition failure right here; we've got a spaceship up here, right? What is this? This is a stool, and that's a small coffee table for a small living room. So how are they different from chairs, right? No back. Okay.
Chair or stool? It's got a bit of a back. What other things could I use to determine whether or not this is a chair or a stool, other than the features that we've already talked about? Height of the back, we could go with that, sure, I'll buy that. What else? Height of the legs is higher than what we would normally consider a chair to be, right? What about this one? Oh dear, this is very chair-y, yeah. I'm going to call it a chair; it meets all my chair features, it's got a back, got a seat. Oh wait, one of the features wasn't right. This one has a feature that's off from the ones we talked about for chairs: seat height, right? Features are different, so therefore it's not a chair; probably call it a stool, or a chair-stool, maybe it's a new thing altogether. What is that? This one hasn't any four legs; it's not a chair, chairs have four legs. This is missing key features to define it as a chair, and it's art. Okay.

How do we know? How do we determine chair or stool if I give you two categories, and that's all you have to choose from, right? These are the answers that I want you to come to: is that a chair, is it a stool, which one are you going to give me? Chair, okay. Who would say it's a stool? Any very brave souls? I'll stand alone and call it a stool because it doesn't meet a lot of the feature requirements for either one, so it's kind of in this indeterminate state, I'm not sure. All right, I'll agree with you, it's a chair. What's this one? Chair? Stool? I hear a lot of chair. Do I hear any votes for stool? Got a brave soul in the back: stool. Why? What's the thing that differentiates it, makes it a stool? What did we learn in our categorization? Too tall, or seat height is too high to be a chair; it's not between 18 and 24 inches, this one's taller. Now, you can't really tell that unless you actually see it, measure it, but I tried to get these at least in some general ratio where they look similar. So this, call it what, a bar chair? But that's not one of the two answers I gave you; we've got to either call it a stool or a chair.

All right, now let's look at some really, really, really interesting examples. What is that? It's quite a bit different, right, than what we've looked at, but we would still be able to call it a chair based on the features that we had, right? It's got a butt-sized horizontal surface, four legs even though they're short, it's got a back, seat height. I'll call it a chair. What about this one? No legs. It's not a chair, but it also doesn't meet my requirements for a stool. So what we have to do now, since this one doesn't meet either set of features, now we've got more features that we have to take into consideration to make a determination between whether something is a stool or a chair. This is obviously a chair, right? But why? Four points of contact. Okay, so we're going to now revise our definition of chair: instead of four legs, it's got four points of contact. But that really messes up the little blue round one, because it had six points of contact, and that office chair. So we don't have to come to that exact determination for what these features are, but what you know now is we've got a new thing that's different. We know it's a chair; how do we define some features around what it means to call this a chair? So you're starting to understand the difficulties in machine learning, because we know these things intuitively; computers don't.

What about that one? Holy moly, that's a chair and an ottoman, right? We know that there is a stool, like the stool, and a chair, right? What about that one? No Game of Thrones fans? Okay, okay, I expected a little more response from some of you all. Okay, one last thing. What is this, chair or stool? Stool. Too low, huh? Too wide, it's got room for two or three butts on it. Bench. Because it's a new thing. So again, now we have to adjust. If I want you to make a determination of whether this is a stool or a chair, I don't give you the possibility of calling it a coffee table. What are we
going to call it? I'm going to call it a stool, and I'm going to rewrite my features to include the parameters for this particular object, right? This is exactly how machine learning works. Specifically, this flavor of machine learning is called supervised machine learning, where we have a set of desired outcomes that we would like for the machine to determine for us: chair or stool. Now, in order to get a machine to make that determination about those images, we have to feed lots of images into it, thousands, millions of images, into a computer that can do image recognition, and tell it that these are all chairs, and then we feed millions more images into it that are stools, and then let our algorithms run. We get some really smart programmers to write some algorithms for us to make those two determinations, to start to look at all of those images and determine: is it four points of contact, or is it just four legs? Can I have a chair that has a round bottom? Can I have a chair with no legs? Those sorts of things are things that our algorithms have to be written to be able to kind of understand, as far as image processing goes, so that we can do machine learning to make a determination of whether or not something is a chair or not, or, unfortunately, maybe we don't know: indeterminate. Sometimes that's what we end up with. But tons of data go in. We feed the machine: this is this, this body of stuff is this, and then we hope the machine is able, after some running of the algorithm, to come up with a model that says, here are the features of these objects that you've sent me that will determine whether it is in class A or whether it is in class B, whether it is a chair or whether it is a stool.

Unsupervised is a little bit different. So the two examples that I've just given you are supervised learning: we have desired outcomes. Unsupervised looks at the data to determine a baseline: what is the normal state, what are the patterns that are within the data itself, without actually making determinations as far as what the patterns mean, but: this is a pattern in this data that I see. Whether it's a pattern in the images, whether it's the fact that we make a determination that it's not the color red that makes the differentiation between the years of a car model but it's the trim features, right, that makes the differences in the car models. Unsupervised might be able to take a look at that and say, okay, I see this pattern: all of these objects are red. It doesn't make a determination; it just says all of these are red, every object you sent me is red. When I feed it a blue object, what does it do? This is not normal. And if we do that over a long period of time with a lot of data, and we write our model such that it can look at all of the minute details that might be in the images or files or network traffic or server logs or firewall logs that we send the machine, it can determine what normal is and do a much better job at detecting anomalies than we can. We can't look at a huge set of data over six months and parse that all in our head and be able to look at any given five-minute window and say, is this normal or not? We just can't do that; our brains can't do it. But computers are really good at this sort of stuff, right? So that's what unsupervised learning does. Any questions on that, or points of clarification? So we look for baseline normal behavior, and once we know what the structure looks like and what it should look like, any changes that we can observe really then become things that we probably ought to pay attention to.

So what are our use cases? This is a security conference, right? You didn't just come to learn about machine learning. Antivirus: what kind of learning are we doing with antivirus? First we should probably talk about what question we're actually trying to answer with antivirus.
Anybody want to? Malicious or benign, right? So in that case, then, we have two desired outcomes; therefore, what kind of machine learning do we use for that? Supervised. Supervised machine learning, it turns out; we'll talk about it here in a second.

Network analytics: feed it all of your network data. We're now kind of at a point where, with the compute capacity that we have in the cloud, with the storage capacity we have in the cloud and the cost thereof, we could conceivably store a lot of network data, a lot of logs, in the cloud, and have enough compute capacity, well, basically compute capacity, sorry, to actually analyze all that stuff, right? All we really need is somebody smarter at the algorithms to look at it for us to determine what normal looks like over a long period of time. Because why can't we determine normal? We can't think in those timescales; it's a matter of scale, right? The computers can just do this way better than we can.

Machine behavior: what sorts of things do we look at in machine behavior? What are the things that we care about that determine normal versus not normal on a computer? File accesses, processes, network accesses. There's all sorts of stuff that we can look at on machines, and there's tools that let us do that. The key is to get that information in one place so we can do analytics on it, and again it's really all about time and the amount of data that we can take a look at.

Identity: what are the things that determine who you are on the computer, that it's you and not me? What things do we use today to determine it's you and not me? Username, passwords, okay, common. What else? Biometrics. What else? Tokens, something you have, right. What else? Oh, now we're starting to move into more interesting stuff: when I log into the computer. Okay, how the hell could that determine? Chris normally doesn't log in till after 8am; that's been a proven pattern over years. I log in before 8am, is that normal? That is not normal. I should probably pay attention to that. Should I pay attention to all the other normal activities? Maybe not. What else? Do you know the patterns in the way you wake your machine up with your mouse, and the keys that your fingers hit first on the keyboard, and how you type? Typing patterns, just the timing between the letters as you type, and the way that you use words in typing, can be used to identify you. Uniquely, with one hundred percent certainty? No. But if you combine that with all of these other things, we could potentially feed that into a machine to say, is the person using this computer, based on all of the stuff that we know about how this person is using the computer, is it still Chris, or is it somebody else? This is probably the edgiest use case right now, because we don't have a good way to do this in real time, to capture all of that data in real time and do user baselines in real time. But there are actually some products out in the space, and I'll talk a little bit more about them here in just a second.

So let's dive a little bit into these use cases. Antivirus, right: a lot of samples. Do we know of products that do this today? Who knows of one? They told me not to talk about products, but that didn't mean I couldn't get you to talk about products, huh? There's VirusTotal, there's some endpoint
solutions that do this. Cylance, that's one, right; they were out here, right? Who else does this? A couple of other vendors in the space. We're starting to see really some merging of functions; most of the endpoint security vendors are starting to see that machine learning makes a ton of sense, and if you're not doing machine learning you're not doing your job as far as antivirus goes. A lot of organizations are finding high levels of efficacy in their antivirus software by using next-gen antivirus products that are based on machine learning and artificial intelligence. But it has to have smart people to write the algorithms, that have a lot of samples, a lot of samples, like petabytes of file samples, to look at the file features: how are the files signed, what does the machine language look like? I mean, there's all sorts of things that we can look at in files that aren't just "this pattern in the file means it's malicious", right, because that's traditional antivirus: this string of bits means this file is malicious. And we can never be proactive; we're only ever reactive with traditional antivirus. With machine learning we can actually be proactive: files with these features are malicious, and we can make that determination with a great degree of certainty because we've fed a huge amount of data into it and said, here's millions of malicious files, go work on this; here's millions of benign files that we know are good. And then we start to feed it unknown samples that we don't know whether they're malicious or benign, and then we can measure how effective our algorithms are, improve the algorithms, rerun, and over a period of months and years we can come to a solution that's really actually quite effective. And they actually have these in the space; some of them we've already mentioned.

Well, you need lots of storage and compute capacity to run the algorithms, but the cool thing is, once the algorithms have run and you determine what the features are you care about, you can come up with a much smaller subset of those that can actually run on an agent. You don't need to actually run AI and the machine learning on the agent; you just run a very small model of the larger corpus of learning the machine has already done. So you don't have to have a cloud on your premises in order to do machine learning-based antivirus: run the algorithm, feed samples in, generate a smaller model that includes the important features, and that's what we care about. Several mature, commercially implemented examples; if you want those examples, we'll talk when I'm not on the mic.

All right, networking, machine behavior. So I kind of lump these two together because they're very similar. We capture all the network activity, we capture all of the machine behavior, all of it, feed it up into one place, run the machine. This can be [unclear] today for a decent-sized network; you probably don't have these resources on site, right? This is something that somebody else is probably going to have to do on your behalf. And then you determine a baseline. And so we've moved into what kind of machine learning here? When I say the word baseline, it's a different kind, right? So we're not determining good or bad, we're determining normal or not normal, right? So now we're moving into doing unsupervised machine learning. So we make a baseline and we look for deviations from the baseline. What is normal? Does this machine ever access this resource? Does it ever access this website? Does it ever access this registry entry? Thank you. So these tools, great, thank you, these tools are maturing, still not as mature, probably, as machine learning-based antivirus solutions. But the cool thing is, most of the commercially available products that are machine learning-based antivirus are looking at this space too. So where they've been successful with getting machines to determine whether a file is malicious or benign, they're starting to recognize that we need to play in this space, and you can use those same data scientists that run those algorithms, and the same storage and compute capacity that you had to run against all those benign and malicious files, to do these same sorts of calculations to determine what's normal and what's not, and then tune a set of tools that can look at very specific features instead of all of the features, look at the ones that are actually important in determining normal versus not normal, and then you can run that actually in a much smaller agent on actual PCs that don't have the same compute class today that your large machine does, which is probably in the cloud.

So identity is a little tougher. We have to measure continual usage of the computer, measure the time, I mean, things I mentioned before. The more sensors that you have on a computer, the better you're able to measure things that are important to determine a user's identity.
Has anybody used the Windows facial recognition for authentication? Like it? Those that use it, really, there's nobody? I've even tested this. I'm able to fairly consistently get my test machines to determine that it's me and log me in when I'm wearing a hat, when I'm wearing glasses, take my glasses off, when I shaved my beard off; it's able to make those determinations. It's a little bit better now because they're actually using a special IR camera to look at the heat pattern, so that you can't just shove a picture of me up in front of the camera to get it to authenticate you as me, which was the old way of kind of fooling those sorts of facial recognition algorithms. The more sensors you have, the more you can determine about who the user is, right? And we should use them; they're getting more accurate. And the combination of multiple sensors instead of the reliance on one, like fingerprint. I mean, how long have we been talking about using fingerprint recognition for authentication? It's got problems, right? Not as reliable, sometimes won't get you logged in, right? But if you use the combination of all these sorts of things to say this person looks 99% like Chris, yes, that's great. So the more sensors that we get, the more we can measure, and the more things that we can think about that are actually able to determine not just specific things that are who I am, my fingerprint, my face, but also my behavior. As we combine all of those, we can feed those up into a machine and determine what is normal for me and what is not. If we can determine what's normal for me, then we can look at anomalies in that behavior to determine: is this still Chris or somebody else? And then, if we're really picky, we can say, is this just Chris behaving differently, typing differently? Is he sick? Is he drunk? Is he heavily medicated for some reason? Or is this really actually another person? That's what we have to... I think we're still starting to see some of the maturity in this area.

There's actually some commercial products to do this sort of stuff. The challenge is, can we make those models small enough, and read that data quick enough, and let the machine make a determination quick enough, that we can do this in real time? Because I can't wait months to develop a math model based on my behavior just so I can log into my machine, right? But this space is maturing. Even though there aren't a whole lot of commercially available products, it's an area of interest for a lot of people, and if you talk to vendors that are doing any sort of machine learning in the commercial space, they recognize that continual identity is a problem that machines will solve for us at some point. It's a matter of when we get there, getting the models written right, and then finding a way to implement it on endpoints. So will we get rid of usernames and passwords? Maybe.

So, in conclusion: machines are better than us at this stuff, way better than us at this stuff. The problem that we have is it's kind of hard for us to get our heads around how the machines are doing this work. So I kind of put this talk together to give that high-level overview of how we do learning and how that kind of translates to machine learning, because I've actually sat around the table with folks that said, I get this next-generation antivirus stuff, it seems to make sense, but what you're telling me is I have to trust that the machine is making a correct determination. I really want to know how the machine made the determination, and with traditional antivirus products I can do that, right? I can look at the signature and I can say, if it has these bits in the file, it is a virus, it's malicious; if it doesn't have those, then it's not that. And if I check all of the known samples for malicious software and I have a signature for those, then I can rest assured that, at least of the things that we know about, this is not one of those. So what assumption do we make? It's benign if it doesn't match any malicious pattern. We can get our heads around how that works; that's an easy process, and I can look at it and actually know what the bits are. But you can't possibly know the corpus of data and all the features that went into training a math model, to then narrow that down to a certain set of features that say this is what is determining whether something is malicious or not. Too much data over too much time for us to get our heads around. So we just have to trust the machines, like it or not, if we're going to rely on the intelligence that they can bring to bear, the computing capacity that they can bring to bear, the storage capacity that they can bring to bear, to solve some of these sorts of problems. And, oh, by the way, in addition to machine learning we can also use artificial intelligence algorithms of various sorts to improve the machines' abilities to learn, to supplement the machines' abilities to learn, because these are two different things. Artificial intelligence does not equal machine learning; they're two separate things.

All right, I think I have a little bit of time for questions. Any questions? Yeah.
Good question. I think one of the things that I have found, and this is a particular interest to me, is to kind of understand how this stuff works. I think that's important, and then to stay relevant. It's a... wow, tough question. I'm not real sure how to answer that one. If the machines take my job, what do I do, right? I think we can move into things that really require more neurons than just the rote stuff that we can get computers to do for us. I think for a long time we kind of assumed that we need a full-time staff of four or five people to be looking at logs all day long. Well, now we have a solution to that: machines can do that for us. So we can trust them to do it, we should let them do it for us, and then we can move on to higher-level things. What those are, I'm not sure. I'm going to work on my '74 Dodge Dart, that's what I'm going to do. Any other questions? Yes.

No, we are, because I've had 45 years of training over a lifetime of experiences and probably millions of chairs that I've seen, to know what a chair is. Yeah, we don't have that amount of time to think about the next malicious variant of viruses that are coming out, though. I don't have 45 years to train you to figure out what that looks like, and it wouldn't be worth my time when I can get a computer to do it like that. So the things that are hard for us to learn, we can offload that to computers. Or not? Yes. Mm-hmm. Well, so that's why I stepped you through those examples of what is this, right? It's things that don't match one or the other; that's where we have to retrain our models to determine, because remember it's supervised learning: we have a set of outcomes. Whether it's in the case of antivirus, right, it's either malicious or benign. Well, most folks have also kind of come to understand that there's this middle thing that's gray, right? Yep. And we refine our models to understand new features, and we incorporate new features so that we can make better determinations, because usually it's not a binary sort of thing. It's not a 0 or a 1, this is good or this is bad; it's, this is really, this is mostly bad, this is mostly good, and there's a whole lot of stuff in the middle, and that line has to move, and we have to train our model to hopefully sort those things much further, kind of like the opposite of a bell curve, I would guess. That's not very mathematical of me; I should probably not talk where I... pardon? Sure, yep, we do. Any other questions? Yes.

Okay, I'll be glad to give you a silly answer: it's a hot dog. Yeah, yeah. So in machine learning, if we're going to have it answer questions for us, we have to have determinate answers. We can't have indeterminate answers or machine learning can't really do it, because I can't then feed it a corpus of stuff. For example, if I have known malicious and known benign files and I feed millions of files into my machine and have it crank on that stuff to figure out what's what, I can't also have underlying this indeterminate state in the middle and feed it a bunch of files that I don't know anything about. You don't do that. So you train the machine to know what's what: these are malicious, I know these are malicious, go chew on these; these are benign, I know they're benign, go chew on these. Now you have to hope that you got that right when you fed it to the machine, or the machine will make bad determinations. But given that, the machine is able to sort that stuff out, where you can have a reasonable degree, a fairly broad boundary, or you don't have any indeterminate answers in the middle. It's all about the algorithms and the math models that we use to do that, really. Yes.
Phil the
So what we do is we have feedback loops. When we talk about supervised learning, we say these are good, these are bad, and then when the computer is unable to make a determination, I mean, we've told it these are good and these are bad, and we feed it something unknown and it's not able to make a determination, then we have to come in, that's why they call it supervised learning, and help it make a determination whether this is good or bad, help guide it, and that way it can relearn. So that's why they call that supervised learning: it requires some intervention of a higher power to guide the process, whereas unsupervised is just saying, I'm not making any determinations here, I'm just telling you what I see: this is all what I would consider to be normal, and now something has happened that's not normal. That's unsupervised learning. We have a lot of undetermined answers there because we are not really making any conclusions other than a baseline. Yes.

Mm-hmm. Okay, so that would be assumptions that we would feed into our learning model to say that we know there's this other state of things, right?

Yep, it's the algorithms and the corpus of data that you feed it.

Mm-hmm.

No, you can't just discard that stuff. Yeah, right, right. Yeah, I think so, but I think if we look at the outcomes that we're trying to determine specifically with these sorts of tools, I mean, the one that's very applicable and has had a high degree of efficacy is antivirus, malicious or benign. We've done a really good job collectively of solving that problem with machine learning, even in accommodating all the outliers, because the outliers should become input into the development of the algorithms and into the next corpus of data that we use to train the machine. So it's not a set-it-and-forget-it where you run it once and then now I know how to make these determinations, because new stuff comes, right, and then we have to make more determinations and rerun the algorithms and relearn how we work. Yep. All right, I think I'm out of time. Thank you. [Applause]
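The talk describes two flavours of machine learning in words: supervised learning (labelled chairs and stools in, a feature model out, with an "indeterminate" gray middle for things like the bench), and unsupervised baselining (learn what normal looks like, then flag the login before 8am). The following Python is an added example, not code from the talk or from any product mentioned in it. It uses only the standard library; the chair/stool feature vectors, the login log lines, the nearest-centroid rule, the `max_distance` cut-off and the 3-sigma threshold are all constructed assumptions chosen for illustration, standing in for the file features and event data a real next-gen AV or behavioural product would consume.

```python
"""Two flavours of machine learning in miniature: supervised classification
(chair/stool here; malicious/benign in next-gen AV) and unsupervised baselining
(what is a normal login hour for this user?). Added example; all data constructed."""
from collections import defaultdict
from statistics import mean, pstdev

# --- Supervised: labelled feature vectors in, a model out -------------------
# Constructed feature vectors: (seat height in inches, has back 0/1,
# points of contact, seat width in inches). Stand-ins for file features.
TRAINING = [
    ((18, 1, 4, 18), "chair"),
    ((20, 1, 4, 20), "chair"),
    ((19, 1, 5, 19), "chair"),  # office chair: five casters, still a chair
    ((17, 1, 1, 18), "chair"),  # pedestal chair: one point of contact
    ((30, 0, 4, 14), "stool"),
    ((28, 0, 3, 13), "stool"),
    ((26, 1, 4, 14), "stool"),  # tall seat with a small back: still a stool
    ((12, 0, 4, 15), "stool"),  # footstool
]


def train_centroids(rows):
    """Average every class's vectors into one centroid per label."""
    by_label = defaultdict(list)
    for features, label in rows:
        by_label[label].append(features)
    return {label: tuple(mean(col) for col in zip(*vecs))
            for label, vecs in by_label.items()}


def distance(a, b):
    """Euclidean distance between two feature vectors."""
    return sum((x - y) ** 2 for x, y in zip(a, b)) ** 0.5


def classify(model, features, max_distance=12.0):
    """Nearest centroid wins; if nothing is within max_distance (an assumed
    tuning knob) the answer is 'indeterminate', the gray middle from the Q&A."""
    label, dist = min(((lbl, distance(features, c)) for lbl, c in model.items()),
                      key=lambda pair: pair[1])
    return label if dist <= max_distance else "indeterminate"


# --- Unsupervised: unlabelled events in, a baseline of "normal" out ---------
# Constructed auth log lines: "<user> <date> <HH:MM> login". HISTORY builds the
# baseline; NEW_LOGINS are then scored against it, as a detection pipeline would.
HISTORY = """\
chris 2017-03-01 08:31 login
chris 2017-03-02 08:47 login
chris 2017-03-03 09:02 login
chris 2017-03-06 08:25 login
chris 2017-03-07 08:55 login
chris 2017-03-08 09:10 login
chris 2017-03-09 08:40 login
chris 2017-03-10 08:36 login""".splitlines()

NEW_LOGINS = """\
chris 2017-03-13 08:44 login
chris 2017-03-14 07:40 login
pat 2017-03-14 08:50 login""".splitlines()


def parse_login(line):
    """Return (user, login hour as a float, e.g. 08:30 -> 8.5)."""
    user, _date, clock, _event = line.split()
    hh, mm = clock.split(":")
    return user, int(hh) + int(mm) / 60


def build_baseline(lines):
    """Per-user mean and population std-dev of login hour. No labels anywhere:
    the model only learns what 'usual' looks like for each user."""
    hours = defaultdict(list)
    for line in lines:
        user, hour = parse_login(line)
        hours[user].append(hour)
    return {user: (mean(h), pstdev(h)) for user, h in hours.items()}


def anomalous_logins(lines, baseline, z_threshold=3.0):
    """Return (user, line, reason) for logins more than z_threshold sigmas from
    that user's mean, or from a user with no baseline at all."""
    flagged = []
    for line in lines:
        user, hour = parse_login(line)
        if user not in baseline:
            flagged.append((user, line, "no baseline for user"))
            continue
        mu, sigma = baseline[user]
        if sigma == 0:  # constant history: any change at all is a deviation
            z = 0.0 if hour == mu else float("inf")
        else:
            z = abs(hour - mu) / sigma
        if z > z_threshold:
            flagged.append((user, line,
                            f"login hour {hour:.2f} is {z:.1f} sigma from mean {mu:.2f}"))
    return flagged


if __name__ == "__main__":
    model = train_centroids(TRAINING)
    for item in [(18, 1, 4, 19), (29, 0, 4, 13), (16, 0, 4, 48)]:
        print(item, "->", classify(model, item))
    for user, line, reason in anomalous_logins(NEW_LOGINS, build_baseline(HISTORY)):
        print("ANOMALY", line, "|", reason)
```

Run as a script, the supervised half labels an ordinary chair and a bar stool correctly and answers "indeterminate" for the wide bench, because it is far from both centroids; that is the moment in the talk where the features have to be rewritten and the model retrained with the new class. The unsupervised half never sees a label: it only learns that Chris logs in around 08:45 with little spread, so the 07:40 login is flagged as several sigma out, and the never-seen user is flagged because there is no baseline to compare against. In practice the baseline window, the threshold and which features to baseline are the tuning work the speaker attributes to the data scientists behind the commercial products.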