AI and cybersecurity: an original and innovative approach to ransomware detection by OpenStudio

November 2021 by OpenStudio

Faced with the multiplication and sophistication of ransomware attacks, companies are looking for ways to counter them. OpenStudio* has implemented an original and innovative approach, both in form and method, to detect these intrusions. OpenStudio’s Data Scientists had the idea of using AI by combining two algorithmic methods and of working with the client’s cybersecurity teams by organizing a hackathon.
*OpenStudio is a company specializing in responsible digital innovation via custom web development and AI.

A hackathon to collaborate with client cybersecurity teams

To determine how cybercriminals broke into the client’s computer network, OpenStudio’s Data Scientists proposed a hackathon with the client’s cybersecurity teams.
This collaborative effort allows the client’s cybersecurity teams to understand the method used and to become self-sufficient in dealing with future attacks.

AI to process large volumes of data

During this hackathon, OpenStudio’s Data Scientists used AI to process and analyze millions of event logs from the company’s anti-virus and firewall. The goal was to trace the attack and identify points of vulnerability.

To detect anomalies in the network, OpenStudio had the idea of combining:
· the K-means algorithm to differentiate the cluster of majority data considered as normal from the cluster of unusual and therefore suspicious data that should be analyzed.
· the Random Forest algorithm to identify the variables that discriminate the clusters through a new set of labeled data and supervised learning.

Building a labelled data set that includes data structures from proven or simulated attacks, together with automating the artificial intelligence tools, allows effective monitoring of systems in near-real time and alerts the internal staff in charge of cybersecurity to potential attacks.

"Thanks to this method, we developed, for and with a company, a specific solution to the problem it’s facing. The collaborative work with the client’s cybersecurity teams saves us time and allows them to keep control of the vulnerability resolution process. We recently carried out such a mission for an industrial company that was struggling with ransomware (Sodinokibi) and solved the problem in 3 days" Jean Luc Marini, Head of the OpenStudio AI Lab.

Method
· Data preprocessing: processing of 8 million logs
· Clustering: with the K-Means algorithm
· Characterization: with the Random Forest algorithm
· Validation: checking of suspect data by cybersecurity experts
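
The clustering and characterization steps above, as an added example in Python (not OpenStudio's code): k-means with k=2 separates the majority rows from the minority rows, and the cluster labels then train a bagged ensemble of one-split trees, a simplified stand-in for Random Forest, whose Gini importance ranks the variables. The feature names and the rows are constructed for illustration; the article does not say which log fields were used.

```python
import random
from math import dist
from statistics import mean, pstdev

FEATURES = ["blocked_conns", "distinct_dst_ports", "av_alerts", "mb_out"]  # assumed names
# Constructed per-host hourly counts standing in for firewall/anti-virus logs (60 usual, 5 unusual).
ROWS = ([[5 + i % 4, 3 + i % 3, i % 2, 20 + (i * 7) % 11] for i in range(60)]
        + [[6 + i % 3, 40 + 5 * i, 4 + i % 2, 22 + i] for i in range(5)])

def zscore(rows):  # preprocessing: put every column on the same scale
    stats = [(mean(c), pstdev(c) or 1.0) for c in zip(*rows)]
    return [[(v - m) / s for v, (m, s) in zip(r, stats)] for r in rows]

def kmeans_minority(X, iters=20):
    """Lloyd's k-means with k=2; returns 1 for rows in the smaller cluster."""
    zero = [0.0] * len(X[0])  # centre of z-scored data; start from nearest and farthest rows
    cents = [min(X, key=lambda r: dist(r, zero)), max(X, key=lambda r: dist(r, zero))]
    for _ in range(iters):
        lab = [min((0, 1), key=lambda k: dist(r, cents[k])) for r in X]
        cents = [[mean(c) for c in zip(*(r for r, l in zip(X, lab) if l == k))] for k in (0, 1)]
    minority = min((0, 1), key=lab.count)
    return [int(l == minority) for l in lab]

def gini(y):
    p = sum(y) / len(y)
    return 2 * p * (1 - p)

def best_split(X, y, feats):
    """Best one-threshold split over `feats`: (Gini decrease, feature index)."""
    best = (0.0, feats[0])  # a tree that finds no split contributes zero gain
    for f in feats:
        for t in sorted({r[f] for r in X}):
            left = [l for r, l in zip(X, y) if r[f] <= t]
            right = [l for r, l in zip(X, y) if r[f] > t]
            if left and right:
                gain = gini(y) - (len(left) * gini(left) + len(right) * gini(right)) / len(y)
                best = max(best, (gain, f), key=lambda b: b[0])
    return best

def forest_importance(X, y, trees=200, seed=0):
    """Bagged one-split trees on random feature pairs; normalised Gini importance."""
    rng, score = random.Random(seed), [0.0] * len(X[0])
    for _ in range(trees):
        idx = [rng.randrange(len(X)) for _ in X]   # bootstrap sample of rows
        feats = rng.sample(range(len(X[0])), 2)    # random feature subset
        gain, f = best_split([X[i] for i in idx], [y[i] for i in idx], feats)
        score[f] += gain
    return {n: s / (sum(score) or 1.0) for n, s in zip(FEATURES, score)}
```

Call `kmeans_minority(zscore(ROWS))` to get the cluster labels, then `forest_importance(ROWS, labels)` to rank the fields; the minority rows and the top-ranked fields are what would go to the analysts in the validation step.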

[Figure: Clustering with K-Means algorithm. Axes: Axis #1, Axis #2. Groups: majority logs; minority and possibly abnormal logs.]
[Figure: Characterization with Random Forest algorithm. Importance of Variable #1, #2 ...]

