Ending Soon: Get a MacBook Air or Surface Pro 7 with 5 or 6 Day Training - Best Offers of the Year!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

The Role of Machine Learning in Network Traffic Analysis

  • Tuesday, May 05, 2020 at 10:30 AM EDT (2020-05-05 14:30:00 UTC)
  • Abhishek Sharma, Alissa Torres


  • Fidelis Cybersecurity

You can now attend the webcast using your mobile device!



Network traffic analysis is a critical component of a detection and response security strategy. It provides necessary visibility of north/south and east/west traffic and uses a combination of methods to identify anomalous behavior. Machine learning analytics is a core method for analyzing traffic to determine anomalous activity. In fact, attackers are using artificial intelligence and machine learning to speed and scale their attacks so it only makes sense for cybersecurity teams to use ML-based detections as part of their overall defense. In this webinar, well examine:

  •    What capabilities should be included in a network traffic analysis solution
  •    Machine-learning, what it is and how it works
  •    How to apply machine-learning to detect anomalous behavior

Speaker Bios

Abhishek Sharma

Abhishek Sharma manages the Data Science Team at Fidelis Cybersecurity. His focus at Fidelis is to build Machine Learning and Big Data based solutions for Cybersecurity problems related to Malware Detection, Anomaly Detection, Mapping Cyber Terrain and Cyber Risk Assessment, and Alert Prioritization for improving Incidence Investigation. Abhishek holds a Ph.D. in Computer Science from the University of Southern California, and a MS and Bachelors in Mathematics and Computing from the Indian Institute of Technology, Delhi. Prior to joining Fidelis, he worked as a Research Staff Member at NEC Labs America. He holds 7 patents in USA, and has published research articles in several peer-reviewed conferences and journals.

Alissa Torres

Alissa Torres is a SANS analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+ certifications.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.