Using machine learning to detect DGA with >99.9% accuracy


Steve Dodson

Accurately detect domain generation algorithm (DGA) activity using the Elastic Stack by deploying a pre-trained supervised machine learning model to enrich Packetbeat data at ingest, and by using anomaly detection to improve accuracy and pinpoint malicious hosts. We will walk through the configuration and then take a deep dive into what each component is doing, how the model was trained, and how the model can detect real-world malware activity.