Overwhelmed by security data? Science to the rescue
This article is part of the Information Security issue of August 2018, Vol. 20, No. 4
When Charles Givre, lead data scientist at Deutsche Bank, teaches security teams about the benefits of applying security data science techniques, he often focuses on a common malware tactic: domain-generation algorithms. Used by malicious programs to establish contact with a command-and-control server, domain-generation algorithms, or DGAs, create a list of domain names as potential contact points using pseudo-random algorithms. The domains change often -- usually daily -- and can look random or use random words. For humans, finding a single computer's call to a random domain is a difficult problem. Yet data analysis can quickly call out the anomalous communications. "Machine learning and data science are being employed in the security realm to rapidly scan through massive data sets and find things based on previous patterns without a human having to tell the machine to do that," Givre said. "More organizations are collecting more data from their networks and systems, and it becomes a virtual impossibility to have a person ...
Features in this issue
- Overwhelmed by security data? Science to the rescue
  Security teams increasingly use large data sets from their networks to find hidden threats. Why companies should embark on their own data science and machine learning initiatives.
- Not enough information security analysts, despite higher wages
  Survey data on global skills shortages does not show significant changes, even as companies turn to strategies such as security automation to make security teams more efficient.
Columns in this issue
- Why third-party access to data may come at a price
  Google and other platform companies dangled not only APIs but access to user data from unwitting customers to attract third-party developers and other partners.
- Fannie Mae CISO calls for more data on security incidents
  Chris Porter's years as a lead analyst and author of Verizon's Data Breach Investigations Report helped prepare him for the chief of security role at the primary housing lender.