0:04 Introduction of Dr. Aviv Yehezkel and Cynamics
1:43 Challenges to network security today
4:02 Types of input data for network monitoring
8:18 High-level architecture of the Cynamics solution
8:56 Challenge of threat detection with Cynamics' sampling approach
10:32 Main contributions of the talk
13:26 Introduction to auto-encoders for anomaly detection
15:52 Issues with auto-encoders for network anomaly detection
17:55 Cynamics' transfer learning for normalising losses
19:52 Differences to related work
21:01 More information about input data
23:33 Description of auto-encoders for network anomaly detection
25:05 Brief introduction to the normalisation
25:36 Description and differences of features between the auto-encoders for anomaly detection and anomaly classification
27:40 Description of global detector models
27:52 Summary of the anomaly detector architecture
28:03 Determining the effectiveness of normalisation
28:53 Comparison with Kitsune on UNB data
31:48 Robustness against AI adversarial attackers
32:59 Summary
33:54 [Question 1] How will a global detector detect an attack when the adversarial attacker is carefully tuned to mimic normal traffic?
35:36 [Question 2] What if an attacker needs very few steps in order to do something significant?
Timestamps for: Network Anomaly Detection Using Auto-Encoders Loss Normalization| Dr. Aviv Yehezkel
0:04 Introduction of Dr. Aviv Yehezkel and Cynamics 1:43 Challenges to network security today 4:02 Types of input data for network monitoring 8:18 High-level architecture of the Cynamics solution 8:56 Challenge of threat detection with Cynamics' sampling approach 10:32 Main contributions of the talk 13:26 Introduction to auto-encoders for anomaly detection 15:52 Issues with auto-encoders for network anomaly detection 17:55 Cynamics' transfer learning for normalising losses 19:52 Differences to related work 21:01 More information about input data 23:33 Description of auto-encoders for network anomaly detection 25:05 Brief introduction to the normalisation 25:36 Description and differences of features between the auto-encoders for anomaly detection and anomaly classification 27:40 Description of global detector models 27:52 Summary of the anomaly detector architecture 28:03 Determining the effectiveness of normalisation 28:53 Comparison with Kitsune on UNB data 31:48 Robustness against AI adversarial attackers 32:59 Summary 33:54 [Question 1] How will a global detector detect an attack when the adversarial attacker is carefully tuned to mimic normal traffic? 35:36 [Question 2] What if an attacker needs very few steps in order to do something significant?