Clustering Of Web Attacks: A Walk Outside The Lab

Abstract: A lot of research was done about clustering attacks of different types using many Machine Learning algorithms, with high rates of success. These were mainly done from the comfort of a research lab, with specific datasets and no performance limitations. In this session I will share my experience with dealing with clustering of attacks in near real-time scenarios where performance is a key factor, and where the reality punches lab statistics in the face. I will discuss some of the challenges we experienced during the research like: 1) Applying a clustering algorithm to a stream of data. 2) Extracting meaningful features from limited data. 3) Translating different features into something we can calculate distance from. Speaker Bio: ilad Yehudai is an algorithm developer and security researcher at Imperva’s web application research group. Gilad develops algorithms and solutions using state-of-the-art machine learning algorithms, and also researches new security threats and vulnerabilities. Gilad holds a B.Sc. and a M.Sc. in Mathematics from Tel Aviv University. He has a very analytical and technical background with experience in both statistics and machine learning. A math geek by day and an avid Snooker player by night (And vice versa).