PCAP Feature Engineering for Machine Learning

Presented at Kernelcon 2019, April 6, 2019, 3:20 p.m. (20 minutes)

Once signature-based methods of intrusion detection were considered fallible, we turned to machine learning to detect malicious traffic. Each machine learning algorithm is only as effective as the data it's fed and the data points, also called features, used to train it. This talk will discuss feature engineering of network traffic in a pcap format, including a discussion of recent research on features that can help detect malicious traffic when deep packet inspection capabilities are lost in TLS 1.3.


Presenters:

  • Heather Lawrence - NARI
    Heather is a data scientist for the Nebraska Applied Research Institute who earned her undergraduate and master's degrees in Computer Engineering from the University of Central Florida. In previous lives she was a USN nuke, VA photographer, NCCDC winner, Hack@UCF mom, and darknet marketplace miner. Her current research centers on the application of machine learning to intrusion detection.
