AppSec Israel 2018 has ended
WIA [clear filter]
Wednesday, September 5

17:00 IDT

Gathering, networking, wine and cheese

Wednesday September 5, 2018 17:00 - 17:45 IDT
Room 001

17:45 IDT

avatar for Shira Shamban

Shira Shamban

Dome9 Security

Wednesday September 5, 2018 17:45 - 18:00 IDT
Room 001

18:00 IDT

DNS Exfiltration or Why I threw away my supervised learning models for anomaly detection

Supervised learning (or “machine learning by examples”) is here to stay, but is it always the optimal solution? Whenever engineers need to tell the difference between cats and dogs they will turn to supervised learning models provided with lots of training examples. But what happens when you’re looking for a rare and extraordinary phenomenon such as a unicorn? In that case you might have abundant examples of horses but almost no unicorn examples. In our story, the unicorn is the problem of detecting “low and slow” DNS exfiltration attacks, such as the 2014 cyberattack on Home Depot that resulted in the theft of 65M credit card numbers. While the Home Depot attack establishes the importance of the problem, it’s rare to find enough similar examples in order to predict the next DNS exfiltration cyber campaign. In this talk we will discuss the advantages of Anomaly Detection in the absence of training samples and walk through our solution based on the Isolation Forest algorithm and the challenges we faced implementing it as a large-scale solution in Spark Scala. This is the story of how we had to take a different approach to our problem and how we got to catch and block a live ‘white-hat’ cyber attack on one of our clients’ platform.

avatar for Ada Sharoni

Ada Sharoni

Senior Software Developer, Akamai
Originally started as an algorithm developer in signal processing and for the past several years have been a back-end developer. As a "Talpiot" graduate, I served in the Israeli intelligence community and as a commander of Talpiot cadets. When asked about my favorite book I still... Read More →

Wednesday September 5, 2018 18:00 - 18:30 IDT
Room 001

18:30 IDT

Lessons Learned from My Path in the Appsec World
avatar for Tamar Twena-Stern

Tamar Twena-Stern

Software Manager & Architect, Bit
I am a software manager and an architect. In the past, I Managed a development group in Edgeverve systems and was an architect of a transaction engine. I also led a team of performance experts at NCR Retail , I was a solution architect in Personetics, and I had a start up of my own... Read More →

Wednesday September 5, 2018 18:30 - 19:00 IDT
Room 001

19:00 IDT

Wednesday September 5, 2018 19:00 - 19:30 IDT
Room 001
Filter sessions
Apply filters to sessions.