CactusCon

CactusCon13
February 14-15, 2025
Mesa, AZ


Can Artificial Intelligence (AI) detect Advanced Persistent Threats?

There is a huge surge in the marketing of Artificial Intelligence-based solutions that claim to detect Advanced Persistent Threat (APT) attacks using AI algorithms. Often, the data backing the detection results of these algorithms is biased towards known attack patterns. To test existing AI models, we developed a benchmark dataset extracted from packet capture of APT attacks we performed, and benchmarked popular machine learning algorithms such as Support Vector Machine (SVM), Stacked Autoencoder (SAE), and Long Short-Term Memory-based Stacked Autoencoder (SAE-LSTM). We observed that existing datasets and network setup used for benchmarking machine learning models perform poorly in terms of detection accuracy when analyzed for different phases of APT. This talk will discuss the limitations of current AI and ML and how we can develop better machine learning models for detection of slow and low attacks like APT. We will also introduce a new dataset, DAPT 2020, which is a first attempt towards building an Advanced Persistent Threat (APT) dataset.

Dr. Ankur Chowdhary is a cybersecurity researcher. He received his Ph.D. (2020) and M.S. (2015) with specialization in cybersecurity from Arizona State University (ASU). His research interests include Cloud Security, Software Defined Networks, and the application of Artificial Intelligence and Machine Learning in the field of cybersecurity. Ankur has co-authored over 25 research papers and one textbook in the field of cybersecurity. Ankur co-founded the cybersecurity startup CyNET LLC (2017). Ankur has been quite active in cybersecurity education. Ankur was ASU’s National Cybersecurity Defense Competition (NCCDC) captain (2015-2018), and he is the current team coach (2018-). He co-founded the hacking club DevilSec in 2019 to teach offensive and defensive security to students at ASU. For more information about his work and research activities, please visit ankurchowdhary.com.