Analyzing a large number of security alerts can be repetitive and tedious. To help cope with the growing complexity of systems, analysts can use machine learning algorithms and other data analysis concepts. By making predictions, machine learning algorithms can help prioritize alerts and even reduce the amount of manual work needed. Data analysis can also help us gain a better understanding of our data.
The workshop will introduce participants to the world of machine learning using the software Orange. A security-related scenario will be used for the hands-on exercises. For this scenario, a large dataset of vulnerabilities from web applications reported by a static analysis tool will be used. The dataset of vulnerabilities was enriched with key metadata that will help the algorithms. Some metadata will need transformation. Based on issues that have already been classified, it will be possible to predict which unclassified issues are likely to be actual vulnerabilities.
The participants will be able to apply the same principles to datasets in other contexts such as malware classification, system alert classification, vulnerability management, etc.
This workshop will cover the following topics:
- Data visualization
- Making predictions
- Comparing features and models
Requirements:
- Bring your own laptop
- An operating system compatible with Orange (Windows/Mac/Linux)