I stumbled on this recently. It is a small collection of reports/publications from Sandia National Labs on using Machine Learning and Predictive Analytics for Computer Network Defense. Here is what is contained in the PDF:

  • Early warning analysis for social diffusion events, Security Informatics, Vol. 1, 2012, SAND 2010-5334C.
  • Proactive cyber defense, Chapter in Springer Integrated Series on Intelligent Systems, 2012 (Document No. 5299122), SAND 2011-8794P.
  • Predictability-oriented defense against adaptive adversaries, Proc. IEEE International Conference on Systems, Man, and Cybernetics, Seoul, Korea, October 2012. [or Predictive moving target defense, Proc. 2012 National Symposium on Moving Target Research, Annapolis, MD, June 2012.], SAND 2012-4007C.
  • Leveraging sociological models for prediction I: Inferring adversarial relationships, and II: Early warning for complex contagions, Proc. IEEE International Conference on Intelligence and Security Informatics, Washington, DC, June 2012 [Winner of the 2012 Best Paper Award, IEEE ISI], SAND 2012-6729C.
  • Predictive defense against evolving adversaries, Proc. IEEE International Conference on Intelligence and Security Informatics, Washington, DC, June 2012, SAND 2012-4007C.
  • Proactive defense for evolving cyber threats, Proc. IEEE International Conference on Intelligence and Security Informatics, Beijing, China, July 2011 [Winner of the 2011 Best Paper Award, IEEE ISI], SAND 2011-2445C.

Proactive Defense for Evolving Cyber Threats (PDF)

–Jason
