Welcome!

SDN Journal Authors: Pat Romanski, Patrick Hubbard, Elizabeth White, Sven Olav Lund, Liz McMillan

Related Topics: Cloud Security, Java IoT, Microservices Expo, Linux Containers, Agile Computing, SDN Journal

Cloud Security: Article

Security Threats Continue to Grow

How Big Data and Machine Learning Can Work Together to Solve Security Threats

They read like a list of horror stories for businesses big and small alike. Sony’s PlayStation Network is hacked twice, exposing the personal information of 77 million customers. Zappos becomes the victim of a hack that exposes the addresses and phone numbers of 24 million people. Up to 81 million Yahoo email customers’ passwords are compromised, forcing the company to tell its users to reset them immediately. 110 million customers are affected when hackers infiltrate Target, and PIN numbers and credit card information are stolen. But these stories of major security breaches aren’t works of fiction--they actually happened, and it’s a concern businesses all over the world live with. Many companies are now turning to big data and machine learning as a way to tackle these risks and make sure valuable data is protected at all times.

Dealing with IT security issues is certainly nothing new for businesses. Computer viruses, malware, worms, and other threats have been around for a while, forcing companies to come up with solutions to either eliminate them or minimize the damages they cause. Much of this approach has been reactive in nature, essentially identifying a new threat or tactic hackers are using and developing the means to fight it. Older security systems had to search through smaller clusters of data to identify patterns that might indicate an attack, but the systems required significant resources and time to work, and even then their success rate was hit-and-miss. Systems were usually finding themselves being left behind by would-be attackers, forced to play catch-up in a game with a lot at stake.

With the growth of big data, data security has become even more complex and difficult to manage. More and more data is being created around the world, and trying to sort through all of it to identify security risks would tax older systems immensely. With new solutions desperately needed, many experts turned to machine learning. In simple terms, machine learning is a system that performs certain tasks by continuously learning from data without the need for specific programming. Machine learning can be used to detect security threats by sorting through all that data, something that simply wasn’t possible to that extent several years ago. Unlike traditional systems, which can get bogged down the more data they have to sort through, machine learning can actually get better if more data is added.

The way machine learning is able to detect security threats is by going through the data and identifying the signs and code that point to potential risks. This in turn creates a profile of what to look for, allowing machine learning and security systems to be able to predict and act on threats before they even happen. Essentially, machine learning can be used for security in much the same way it is used for advertising and marketing, targeting certain features it has determined through pattern recognition and using behavioral analytics to make more accurate predictions. This analysis is not only able to capture the hard data involved in security risks, it captures the context of risky events and can connect the relationships of those events to better understand just how threatening the risk actually is. This entire process takes less time than traditional systems and does not slow down productivity.

Threat detection through machine learning and big data was once out of reach for smaller businesses due to cost concerns and personnel requirements, but as these technologies have matured, smaller operations are now getting more access through big data cloud technology. The advances in recent years makes the utilization of machine learning possible for smaller security teams. In fact, security threat detection through machine learning is more of a hands-off process since machine learning systems undergo training on their own. The system is always learning, populating training sets to always get better at detecting security risks, even if they are new. The processing power and storage capabilities needed for machine learning are also within reach for small businesses thanks to advances in flash storage. The growing adaptability for companies makes security more robust and predictive instead of reactive.

There will never be a way to completely eliminate all security threats. Hackers and malware artists will always be looking for news ways to infiltrate and steal corporate information. But with a better understanding of the ways big data and machine learning can work together toward addressing this common problem, security breaches will be rarer and not as painful as those that have happened in recent years. A more secure future is definitely possible through machine learning.

More Stories By Gil Allouche

Gil Allouche is the Vice President of Marketing at Qubole. Most recently Sr. Director of Marketing for Karmasphere, a leading Big Data Analytics company offering SQL access to Apache Hadoop, where he managed all marketing functions, Gil brings a keen understanding of the Big Data target market and its technologies and buyers. Prior to Karmasphere, Gil was a product marketing manager and general manager for the TIBCO Silver Spotfire SaaS offering where he developed and executed go-to-market plans that increased growth by 600 percent in just 18 months. Gil also co-founded 1Yell, a social media ad network company. Gil began his marketing career as a product strategist at SAP while earning his MBA at Babson College and is a former software engineer.

@CloudExpo Stories
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busine...
As businesses evolve, they need technology that is simple to help them succeed today and flexible enough to help them build for tomorrow. Chrome is fit for the workplace of the future — providing a secure, consistent user experience across a range of devices that can be used anywhere. In her session at 21st Cloud Expo, Vidya Nagarajan, a Senior Product Manager at Google, will take a look at various options as to how ChromeOS can be leveraged to interact with people on the devices, and formats th...
First generation hyperconverged solutions have taken the data center by storm, rapidly proliferating in pockets everywhere to provide further consolidation of floor space and workloads. These first generation solutions are not without challenges, however. In his session at 21st Cloud Expo, Wes Talbert, a Principal Architect and results-driven enterprise sales leader at NetApp, will discuss how the HCI solution of tomorrow will integrate with the public cloud to deliver a quality hybrid cloud e...
SYS-CON Events announced today that Yuasa System will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Yuasa System is introducing a multi-purpose endurance testing system for flexible displays, OLED devices, flexible substrates, flat cables, and films in smartphones, wearables, automobiles, and healthcare.
Is advanced scheduling in Kubernetes achievable? Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, will answer these questions and demonstrate techniques for implementing advanced scheduling. For example, using spot instances ...
Companies are harnessing data in ways we once associated with science fiction. Analysts have access to a plethora of visualization and reporting tools, but considering the vast amount of data businesses collect and limitations of CPUs, end users are forced to design their structures and systems with limitations. Until now. As the cloud toolkit to analyze data has evolved, GPUs have stepped in to massively parallel SQL, visualization and machine learning.
The session is centered around the tracing of systems on cloud using technologies like ebpf. The goal is to talk about what this technology is all about and what purpose it serves. In his session at 21st Cloud Expo, Shashank Jain, Development Architect at SAP, will touch upon concepts of observability in the cloud and also some of the challenges we have. Generally most cloud-based monitoring tools capture details at a very granular level. To troubleshoot problems this might not be good enough.
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Taica manufacturers Alpha-GEL brand silicone components and materials, which maintain outstanding performance over a wide temperature range -40C to +200C. For more information, visit http://www.taica.co.jp/english/.
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busine...
We all know that end users experience the Internet primarily with mobile devices. From an app development perspective, we know that successfully responding to the needs of mobile customers depends on rapid DevOps – failing fast, in short, until the right solution evolves in your customers' relationship to your business. Whether you’re decomposing an SOA monolith, or developing a new application cloud natively, it’s not a question of using microservices – not doing so will be a path to eventual b...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities – ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups. As a result, many firms employ new business models that place enormous impor...
SYS-CON Events announced today that SourceForge has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SourceForge is the largest, most trusted destination for Open Source Software development, collaboration, discovery and download on the web serving over 32 million viewers, 150 million downloads and over 460,000 active development projects each and every month.
The next XaaS is CICDaaS. Why? Because CICD saves developers a huge amount of time. CD is an especially great option for projects that require multiple and frequent contributions to be integrated. But… securing CICD best practices is an emerging, essential, yet little understood practice for DevOps teams and their Cloud Service Providers. The only way to get CICD to work in a highly secure environment takes collaboration, patience and persistence. Building CICD in the cloud requires rigorous ar...
SYS-CON Events announced today that Dasher Technologies will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Dasher Technologies, Inc. ® is a premier IT solution provider that delivers expert technical resources along with trusted account executives to architect and deliver complete IT solutions and services to help our clients execute their goals, plans and objectives. Since 1999, we'v...
As popularity of the smart home is growing and continues to go mainstream, technological factors play a greater role. The IoT protocol houses the interoperability battery consumption, security, and configuration of a smart home device, and it can be difficult for companies to choose the right kind for their product. For both DIY and professionally installed smart homes, developers need to consider each of these elements for their product to be successful in the market and current smart homes.
In the fast-paced advances and popularity in cloud technology, one of the most critical factors revolves around concerns for security of your critical data. How to assure both your company and your customers they can confidently trust and utilize your cloud environment is most often top on the list. There is a method to evaluating and providing security that exceeds conventional modes of protecting data both within the cloud as well externally on mobile and other devices. With the public failure...
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
Transforming cloud-based data into a reportable format can be a very expensive, time-intensive and complex operation. As a SaaS platform with more than 30 million global users, Cornerstone OnDemand’s challenge was to create a scalable solution that would improve the time it took customers to access their user data. Our Real-Time Data Warehouse (RTDW) process vastly reduced data time-to-availability from 24 hours to just 10 minutes. In his session at 21st Cloud Expo, Mark Goldin, Chief Technolo...
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...