COMMSEC: One Stop Anomaly Shop

One Stop Anomaly Shop (OSAS) is a complete machine learning framework aimed to discovered anomalies in a given dataset. The open source project represents an implementation of several Adobe’s Security Intelligence Team Patents and White papers.

The project aims to enable the user to create a custom pre-processing pipeline, using predefined recipes for numerical, categorical, text and combined datatypes. The output of the pipeline is a set of labels that describe the input data and that are later consumed by standard anomaly detection algorithms or supervised classifiers. The role of the pipeline/labels is to reduce data scarcity, while enhancing the accuracy of anomaly detection and supervised machine-learning algorithms even on small datasets.

Its unique manner of tagging allows it to be used for a diverse range of datasets and projects. The Expert Knowledge Based tagging component makes it highly efficient at targeting security threats and shifts the underlaying operation from unsupervised learning towards a semi-supervised one.

The open source initiative contains the full source code of the project but also a dockerized version, equipped with an OSAS Web UI and an Elastic Search OpenDistro installation and integration for fast graphical analysis of the results.

The presentation will contain an end to end hands on PoC of how to levrage the off the shelf OSAS or how to fully customize a pipeline in just a couple of minutes/clicks.

Location: Track 4 / CommSec Date: May 27, 2021 Time: 6:30 pm - 7:00 pm Andrei Cotaie Tiberiu Boros