Scheming with Machines: Using ML to Support Offensive Teams

Machine learning has already proven itself an extremely useful tool for blue teams and defensive products. Organizations and their vendors have access to millions of endpoints, logs, and events. Extending talks and research given at previous DefCon events, this presentation will discuss research on integrating operationally relevant machine learning techniques into offensive operations. Through a few practical examples, we’ll explore basic statistics for operator efficacy, detecting a sandbox for payload security using a simple neural network, analyzing command sequences from previous operations to provide command recommendations for current operations, and using reinforcement learning to teach malware to pivot across a network. PhD NOT required!

Presented by