Topic: Roles of Artificial Intelligence and Deep Learning in Detecting Data Exfiltration
Essential Internet services are vital for many aspects of modern living, yet those services remain valuable to threat actors who use them for network intrusions and data exfiltration. Dr. Pena completed a quantitative research study analyzing the ability of a Convolutional Neural Network (CNN) to detect Domain Name System (DNS) covert communications generated by the DNSExfiltrator open-source tool. The results showed the CNN model had 100% accuracy when exfiltrated file sizes exceeded 2 kilobytes (KB) using the default (maximum) transmission packet size, but its performance fell dramatically for files below 1 KB in size.
As AI/ML solutions become more prevalent in cybersecurity tools, professionals must understand where a model’s strengths and weaknesses lie in order to apply appropriate risk mitigations, such as tuning complementary detection systems.
Speaker: Dr. Tomas Pena, L3Harris Technologies
Dr. Tomas Pena is the Chief Technologist for Cyber Operations at L3Harris Technologies’ Space and Airborne Systems Segment. In that role, he’s responsible for cyber innovation and improving the resiliency of company products spanning land, sea, air, space, and cyber domains. He’s been in cyber-related systems engineering and defense contracting positions since 2013. Prior to that time, he completed 20 years of service in the United States Air Force as a Cyberspace Operations Officer, where he organized, planned, and executed full-spectrum cyberspace operations, stood up the United States Cyber Command’s 24/7 Joint Operations Center, and led Air Force Business Transformation Initiatives at the Pentagon. Dr. Pena has also filled roles such as managing the Global Positioning System satellite control systems and managing theater communications during Operations IRAQI FREEDOM and ENDURING FREEDOM. He is also the Founder and President of Parallax Cyber LLC, a small business focused on training and educating the workforce in Cybersecurity and Cyber Conflict, and the current Editor-in-Chief of the Military Cyber Professionals Association’s Military Cyber Affairs Journal.