Machine Learning with Zeek and Tensorflow (Part 1): Talking to Zeek

Machine Learning with Zeek and Tensorflow (Part 1): Talking to Zeek

Channel:
United States SANS Cyber Defense
Subscribers:
20,000
Published on ● Video Link: https://www.youtube.com/watch?v=kotOADXlFco


Duration: 52:16
2,038 views
55

How do you get your packet and stream data out of Zeek so that you can use it in Machine Learning? How can you classify your network data using TensorFlow? How can you detect anomalies and anomalous protocols on your network for threat hunting in real time? Come join us for packets, python, and fun!

In this first episode, our goal is to establish Broker communications between Zeek and an external Python script. Once that’s working, we’ll turn our attention to creating a Zeek script that can send the start of the stream data to our Python script for future classification.

David Hoelzer, the operations chief for Enclave Forensics, Inc. and a managing partner with Occulumen, Ltd. (and SANS Fellow) will lead this livestream. David has more than thirty years of experience in the IT and cybersecurity fields, with more than 25 years specifically in the network monitoring, SOC operations, and incident response fields. He leads the machine learning function within Enclave Forensics and is the author of both SEC503 (Intrusion Detection In-Depth) and SEC595 (Applied Data Science and Machine Learning/AI for Cybersecurity Professionals).

More Info About:

David Hoelzer: https://www.sans.org/profiles/david-hoelzer/

SEC503: Intrusion Detection In-Depth
https://www.sans.org/cyber-security-courses/intrusion-detection-in-depth/

SANS SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
https://www.sans.org/cyber-security-courses/applied-data-science-machine-learning/



#tensorflow
#machinelearning
#ai
#ml
#machinelearning
#zeek
#networking
#datascience
#python



Other Videos By SANS Cyber Defense


2021-10-26The Yellow Brick Road: Where Lions and Tigers and Bears Meet
2021-10-24Adversary Simulation: Measure and Close the Gaps in Your Security Posture
2021-10-22Can we REALLY 10X the SOC?
2021-10-21Zero Trust Architecture – Applying ZTA in Today’s Environment
2021-10-20A River Runs Through IT: What Whitewater Rafting Taught Me About Incident Response
2021-10-15Network Protocol Classification with Random Forests
2021-10-15Container Monitoring
2021-10-08Applying Machine Learning to Network Anomalies | Part 3
2021-09-17Machine Learning with Zeek and Tensorflow (Part 2): Processing the Data
2021-09-07Key Tactics for Automating Security Operations
2021-09-03Machine Learning with Zeek and Tensorflow (Part 1): Talking to Zeek
2021-08-23SANS Blue Team Summit 2021
2021-08-18TShark - Working with Regular Expressions
2021-08-14SOC Automation with PowerShell Interactive Notebooks
2021-08-12Understanding And Using GIT
2021-08-06Introducing SANS role-based labs
2021-08-05TShark - Exporting Suspicious Content
2021-07-30What Really is Correlation?
2021-07-27Detecting Reconnaissance and Common Application Layer Protocols?
2021-07-27Tips for Conducting OSINT Investigations in the EU with GDPR
2021-07-26Open-Source Intelligence (OSINT) + Security Awareness


Tags:
tensorflow
machinelearning
ai
Artificial intelligence
Ml
Machine learning
zeek
networking
data science
python
cybersecurity
information security
david hoelzer
sans sec595
sec595
tensorflow tutorial
tensorflow tutorial for beginners
tensorflow python
tensorflow python tutorial
Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595 Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
dave hoelzer