SESSION

Exploring Anomalies in Authentication Logs with Autoencoders

OVERVIEW

EXPERIENCEIn Person
TYPEBreakout
TRACKData Science and Machine Learning
INDUSTRYEnterprise Technology
TECHNOLOGIESAI/Machine Learning, Apache Spark
SKILL LEVELAdvanced
DURATION40 min

Authentication logs are used today to detect cybersecurity events using various rule-based models with restricted look-back periods. These functions have limitations, such as a limited retrospective analysis, a predefined rule set, and susceptibility to generating false positives. To address this, we adopt unsupervised techniques, specifically employing autoencoders. To properly use an autoencoder, we need to transform and simplify the complexity of the log data we receive from our users. This transformed and filtered data is then fed into the autoencoder, and the output is evaluated.

SESSION SPEAKERS

Jericho Cain

/Sr Staff Security Data Scientist
Adobe

Hayden Beadles

/Sr. Security Machine Learning Engineer
Adobe