Blog

Choosing an optimal algorithm for AI in cybersecurity

Posted by Sohrob Kazerounian on Aug 15, 2018 6:00:00 AM

In the last blog post, we alluded to the No-Free-Lunch (NFL) theorems for search and optimization. While NFL theorems are criminally misunderstood and misrepresented in the service of crude generalizations intended to make a point, I intend to deploy a crude NFL generalization to make just such a point.

You see, NFL theorems (roughly) state that given a universe of problem sets where an algorithm’s goal is to learn a function that maps a set of input data X to a set of target labels Y, for any subset of problems where algorithm A outperforms algorithm B, there will be a subset of problems where B outperforms A. In fact, averaging their results over the space of all possible problems, the performance of algorithms A and B will be the same.

With some hand waving, we can construct an NFL theorem for the cybersecurity domain:  Over the set of all possible attack vectors that could be employed by a hacker, no single detection algorithm can outperform all others across the full spectrum of attacks.

Read More »

Topics: machine learning, AI, deep learning


Cyberattack detections from more than 250 Vectra customers with over 4 million devices and workloads

Posted by Chris Morales on Aug 8, 2018 5:08:00 AM

Recently, Vectra published the 2018 Black Hat Edition of the Attacker Behavior Industry Report, which covers the period from January through June 2018. While there are plenty of threat-research reports out there, this one offers unique insights about real-world cyberattacker behaviors found in cloud, data center and enterprise networks.

Read More »

Topics: attacker behavior


Types of learning that cybersecurity AI should leverage

Posted by Sohrob Kazerounian on Jul 18, 2018 6:00:00 AM

Despite the recent explosion in machine learning and artificial intelligence (AI) research, there is no singular method or algorithm that works best in all cases.

In fact, this notion has been formalized and shown mathematically in a result known as the No Free Lunch theorem (Wolpert and Macready 1997).

Read More »

Topics: machine learning, AI, deep learning


Breaking ground: Understanding and identifying hidden tunnels

Posted by Cognito on Jul 11, 2018 11:00:00 AM

It’s me again – Cognito. As always, I’ve been hard at work with Vectra to automate cyberattack detection and threat hunting. Recently, we made an alarming discovery: hackers are using hidden tunnels to break into and steal from financial services firms!

Clearly, this is serious business if it involves bad guys targeting massive amounts of money and private information. But what exactly are we dealing with? Let’s dig into what hidden tunnels are and how I find them to uncover the answer.

Read More »

Neural networks and deep learning

Posted by Sohrob Kazerounian on Jun 13, 2018 6:00:00 AM

Deep learning refers to a family of machine learning algorithms that can be used for supervised, unsupervised and reinforcement learning. 

These algorithms are becoming popular after many years in the wilderness. The name comes from the realization that the addition of increasing numbers of layers typically in a neural network enables a model to learn increasingly complex representations of the data.

Read More »

Topics: machine learning, AI, deep learning


Giving incident responders deeper context about what happened

Posted by Cognito on Jun 4, 2018 9:54:43 AM

If you’re joining me for the first time, I want to introduce myself. I am Cognito, the AI cybersecurity platform from Vectra. My passion is hunting-down cyberattackers – whether they’re hiding in data centers and cloud workloads or user and IoT devices.

Cybersecurity analysts are overwhelmed with security events that need to be triaged, analyzed, correlated and prioritized. If you’re an analyst, you probably have some incredible skills but are being held back by tedious, manual work.

Read More »

Topics: Malware Attacks, Cyberattacks, IoT, network security, cybersecurity, Data Center, cloud, AI, Threat Detection


How algorithms learn and adapt

Posted by Sohrob Kazerounian on May 24, 2018 12:59:06 PM

There are numerous techniques for creating algorithms that are capable of learning and adapting over time. Broadly speaking, we can organize these algorithms into one of three categories – supervised, unsupervised, and reinforcement learning.

Supervised learning refers to situations in which each instance of input data is accompanied by a desired or target value for that input. When the target values are a set of finite discrete categories, the learning task is often known as a classification problem. When the targets are one or more continuous variables, the task is called regression.

Read More »

Topics: machine learning, AI


AI vs. machine learning

Posted by Sohrob Kazerounian on Apr 26, 2018 2:54:47 PM

“The original question ‘Can machines think?’ I believe to be too meaningless to deserve discussion. Nevertheless, I believe that at the end of the century, the use of words and general educated opinion will have altered so much that one will be able to speak of machines thinking without expecting to be contradicted.” – Alan Turing

Read More »

Topics: machine learning, AI


The rise of machine intelligence

Posted by Sohrob Kazerounian on Apr 10, 2018 8:35:27 AM

Can machines think?

The question itself is deceptively simple in so far as the human ability to introspect has made each of us intimately aware of what it means to think.

Read More »

Topics: machine learning, AI, alan turing


The alarming surge in cryptocurrency mining on college campuses

Posted by Chris Morales on Mar 29, 2018 12:01:00 AM

While ransomware attacks like NotPetya and WannaCry were making headlines (and money) in 2017, cryptocurrency mining was quietly gaining strength as the heir apparent when it comes to opportunistic behaviors for monetary gain.

Read More »

Topics: Cyberattacks, cybersecurity, bitcoin, cryptojacking, cryptocurrency


Subscribe to the Vectra Blog



Recent Posts

Posts by Topic

see all

Follow us

Test