Non-Traditional Attack Surfaces to CIP and IIOT Networks [video]
Abstract
Mr. Fansler presentation will discuss the use of machine learning in cyber security. Some significant steps have been made in the I.T. world but not in the O.T. world. The only advances come from the attacker’s side where they are now getting smarter and faster. Their success is accomplished by implementing machine learning algorithms.
Machine learning is a branch of computer science aimed at enabling computers to learn new behaviors based on empirical data. The goal is to design algorithms that allow a computer to display behavior learned from past experience, rather than human interaction. Machine learning is a rapidly developing field at the intersection of statistics, computer science, and applied mathematics, and it is having transformative impact across the engineering and natural sciences.
In the past, Machine Learning has not had as much success in cyber security as in other fields. Many early attempts struggled with problems such as generating too many false positives, which resulted in mixed attitudes towards it. Some have argued that that while machine learning is very good at finding similarities, it is less successful at finding anomalies and therefore not suited to Cyber Security. On the other side, cybersecurity is “basically broken” and machine learning is one of the few ‘beacons of hope.’ Mr. Fansler will present his opinion of the latter.
Machine learning will enable 24/7/365 monitoring of larger data loads. It will still require human interaction and intervention. Machine learning will require tuning and lots of learning in order to accurately filter real attacks from what appear suspicious but are actually benign activity. It will complement traditional defenses to create a more multi-layered defense. It is inevitable that this is where the future of cyber security is.
Ampex’s objective is to design, develop, and demonstrate the use of distributed machine learning techniques in a mesh network to optimize sharing of Graphics Processing Units (GPUs) across platforms which will will provide a cyber-capability created specifically for control systems in the form of a high speed, high capacity, rugged computer devices, which, can detect, define, analyze, and mitigate cyber threats and vulnerabilities.
Description
NPS Defense Energy Seminar
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
LEVERAGING MACHINE-LEARNING TO ENHANCE NETWORK SECURITY
Salazar, Daniel (Monterey, CA; Naval Postgraduate School, 2018-06);This research examines the use of machine-learning techniques to identify malicious traffic in an emulated tactical computer network. The intent is to identify low-cost solutions based on open-source software capable of ... -
MULTI-DIMENSIONAL PROFILING OF CYBER THREATS FOR LARGE-SCALE NETWORKS
Calnan, Michael C. (Monterey, CA; Naval Postgraduate School, 2022-09);Current multi-domain command and control computer networks require significant oversight to ensure acceptable levels of security. Firewalls are the proactive security management tool at the network’s edge to determine ... -
A MACHINE LEARNING APPROACH TO NETWORK SECURITY CLASSIFICATION USING NETFLOW DATA
Watkins, John R. (Monterey, CA; Naval Postgraduate School, 2021-09);All computer network traffic can be associated with a specific signature based on a feature set within its metadata. There has been a significant effort in preprocessing data for machine learning for the purposes of ...