Deep Learning in Security—An Empirical Example in User and Entity Behavior Analytics (UEBA)


Recently, deep learning has delivered groundbreaking advances in many industries. In this presentation, Dr. Wang will share empirical experiences of applying deep learning to solve some specific security problems, with real-world customer attack detection examples. He will also discuss the challenges and guidelines for successfully deploying deep learning, or general machine learning, in broader security.

This session will feature two deep learning examples. The first example is a user-behavior anomaly detection solution using a Convolutional Neural Network (CNN). Since CNN is most effective for image processing, Dr. Wang will introduce an innovative way to encode a user's daily behavior into multi-channel images. He will also share the experimental comparison results of CNN hyperparameter tuning. The second example is a stateful user risk scoring system using Long Short-Term Memory (LSTM). Most modern attacks happen in a multi-stage fashion, i.e., infection -> command & control -> lateral movement -> data infiltration -> data exfiltration. In this case, the company uses LSTM to monitor the temporal state transition of each user over these.

Session hashtag: #SFds9

Dr. Jisheng Wang, Senior Director of Data Science, CTO Office at Hewlett Packard Enterprise

About Dr.

Dr. Jisheng Wang joined Aruba, a Hewlett Packard Enterprise company, in February 2017 through the Niara acquisition. He currently serves as the Senior Director of Data Science in the CTO office, and leads the overall effort of applying data science to different enterprise network areas. Jisheng has over 12 years of extensive research and working experience in applying state-of-the-art big data and data science technologies to solve challenging security problems, with 15+ top-tier publications and patents.

Jisheng joined Niara – a recognized leader by Gartner in User and Entity Behavior Analytics (UEBA) – in 2014. As the Chief Scientist at Niara, Jisheng has been leading the overall innovation and development effort in big data infrastructure and data science. He invented and developed the industry's first modular and data-agnostic UEBA solution, and co-authored 3 patents and 2 machine learning papers.

Before that, Jisheng was a technical lead at Cisco over various security products. Jisheng received his Ph.D. in Electrical Engineering from Penn State University, and M.S. and B.S. in Electrical Engineering from Shanghai Jiao Tong University.