Data mining firewall logs : Principal Component Analysis

In this article we'll explore how Principal Component Analysis [PCA] [1] - a popular data reduction technique - can help a busy security or network administrator. Any such administrator has often been faced with a daunting problem... going through reams of firewall or router connection logs trying to figure out if any of the thousands …

First Steps in applying machine learning to InfoSec – WEKA

The intersection between machine learning [ML] and information security [InfoSec] is currently quite a hot topic. The allure of this intersection is easy to see: security analysts are drowning in alerts and data which need to be painstakingly investigated and, if necessary, acted upon. This is no easy process and as was seen in the …