Using community detection algorithms to reduce cybersecurity threats

Presented at BSides Austin 2017, May 5, 2017, 2 p.m. (60 minutes)

In any technology company, rogue user access presents one of the most common and potentially dangerous security threats that tends to go unnoticed and unaddressed. If a highly privileged account is compromised, NPI (non-public information) data can be exposed to malicious entities. At Capital One, we have utilized Community Detection algorithms on our associate network to determine associates who are over-privileged or have accesses to applications and servers that they should not have. We can assess our entire company's network daily, preventing numerous potential security threats. Our access groups have a convoluted naming structure, and much of the data is missing or invalid. In order to counteract this issue, we have also developed NLP machine learning algorithms to determine which of these access groups belong to production environments or represent administrative rights dynamically as they are created.

Presenters:

• Austin Osborne
  Austin Osborne graduated from the Massachusetts Institute of Technology with a Bachelor's Degree in Mechanical Engineering and a concentration in Software Development. He is currently pursuing a Master's Degree from Georgia Tech in Computer Science with a specialization in Machine Learning and Artificial Intelligence. Austin began working for Capital One in 2015 and now works in its Center for Machine Learning.

Links:

• https://bsidesaustin2017.sched.com/event/AP1r/using-community-detection-algorithms-to-reduce-cybersecurity-threats

Similar Presentations:

• Black Hat Europe 2016 / 50 Thousand Needles in 5 Million Haystacks: Understanding Old Malware Tricks to Find New Malware Families
• Black Hat USA 2018 / AI & ML in Cyber Security - Why Algorithms are Dangerous
• Still Hacking Anyway (SHA2017) / SHOULD I STAY OR SHOULD I GO? : THE ALGORITHMIC PUBLIC SPHERE AND YOU