Network Protocol Classification with Random Forests
During part 2 of “Applying Machine Learning to Network Anomalies,” someone on the livestream asked if a Random Forest could be used to solve the same problem. I answered, “No,” but promised to do a session explaining why not.
Tune in to learn a little bit about Random Forests, how to apply them to classification problems, and why they don’t work well for anomaly detection.
David Hoelzer, the operations chief for Enclave Forensics, Inc., a managing partner with Occulumen, Ltd., and a SANS Fellow, will lead this livestream. David has more than thirty years of experience in the IT and cybersecurity fields, with more than 25 years specifically in network monitoring, SOC operations, and incident response. He leads the machine learning function within Enclave Forensics and is the author of both SEC503 (Intrusion Detection In-Depth) and SEC595 (Applied Data Science and Machine Learning/AI for Cybersecurity Professionals).
https://www.sans.org/cyber-security-courses/intrusion-detection-in-depth/
https://www.sans.org/cyber-security-courses/applied-data-science-machine-learning/