Machine_Learning_Applied_to_Threat_Intelligence.pptx

julie52115 21 views 14 slides Sep 16, 2025
Slide 1
Slide 1 of 14
Slide 1
1
Slide 2
2
Slide 3
3
Slide 4
4
Slide 5
5
Slide 6
6
Slide 7
7
Slide 8
8
Slide 9
9
Slide 10
10
Slide 11
11
Slide 12
12
Slide 13
13
Slide 14
14

About This Presentation

Slides of a talk I gave at Gosec 25 in Montréal about how machine learning can help cybersecurity professionals in finding interesting patterns across a Ransomware dataset and attempt to predict the next possible attacks.

Size: 1.82 MB
Language: en
Added: Sep 16, 2025
Slides: 14 pages

Slide Content

Machine Learning Applied to Threat Intelligence (Ransomware) Julie Brunias Cybersecurity Consultant

Disclaimer This tool was developed independently on personal time and is not part of any official project or directive from my employer. The ideas, implementation, and code are solely my own.

Why CCCS (Canadian Centre for Cyber Security) didn’t have such mapping available SOC teams need TTPs to feed SIEM and perform Purple Teaming to ensure good coverage Machine Learning can help to anticipate the threats of tomorrow Why not build a dataset for the community that anyone from any domain can use?

How Gather and analyze as much data as possible about each ransomware group Identify reliable sources for those ransomware analysis Manually and programmatically parse the blogs in search of TTPs Perform manual mapping when it doesn’t exist Compile in a database Perform Frequency Analysis and Predictions via Machine Learning

Which algorithm Identify the right algorithms for the data we have: Linear Regression? : ❌ ransomware amounts fluctuate too much Logistic Regression ? : ❌ not applicable here, classification algorithm SVM ? : ❌ not applicable here, classification algorithm Random Forests ? : ❌ with RaaS we have a giant spider web, not very easy to visualize K-Means ? : ❌ Not applicable here, clustering of numerical values Gradient Boost? : ❌ not applicable here, useful for ranking features but ours are same scale Markov ? : ❌ not applicable here, useful when data is sequenced which is not the case here Try, Fail, Try harder Apriori : ✅ good candidate Monte Carlo : ✅ good candidate

Potential Architecture

Meet the dataset

Outputs 218 Mapped Ransomwares so far ! (Next version about 70-80 more) └ Frequency Analysis └ Predictions

Frequency Analysis

Frequency Analysis of groups of TTPs

Predictions

Questions ?

Want to stay in touch?

Thank You !
Tags
cybersecurity machine learning threat intelligence association rules predictions
Categories
Technology
Download
Download Slideshow Get the original presentation file
Quick Actions
Statistics
  • Views 21
  • Slides 14
  • Age 77 days
Related Slideshows
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx 11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
45 views
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx 10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
45 views
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx 13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx 11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
Know for Certain 21
Know for Certain
DaveSinNM
19 views
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx 17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views
View More in This Category