SnortML Training: Exploit Detection Based on Machine Learning

Brandon Stultz, Research Engineer at Cisco Talos, walks you through using SnortML, a machine learning-based detection engine that can detect novel attacks that match known vulnerability types. This video shows how SnortML tackles the zero-day problem, gives an overview of the vulnerability classes it is currently trained on, and takes a look at neural networks. The video concludes with a model development lab where you'll see Brandon build a new model to detect a SQL injection attack. The SnortML and LibML code can be found on GitHub at https://github.com/snort3. You can also join the conversation on our Discord at https://discord.com/invite/Sdgsg8MtQQ.

Chapters:

00:00 The Zero-Day Problem
01:15 Vulnerability classes on which SnortML is trained
03:21 Common exploit examples
05:00 What is machine learning?
06:32 What are neural networks?
08:09 Recurrent neural networks
09:10 Long-term short-term memory neurons
11:33 How we built SnortML
13:17 LibML
15:11 Model development laboratory
24:14 Conclusion