Machine Learning: How to Build a Better Threat Detection Model

At Sophos, we’re focused on protecting our customers from threats from every possible attack vector. And here in the Data Science Group, we’re challenged every day to come up with new and better techniques to address these cyber threats in a scalable way that not only improves protection, but changes the paradigm of how emerging threats are addressed. That’s why we’re focusing on new deep learning and machine learning methods to be leveraged across our entire portfolio.

One of our first challenges is supplementing reactive, human-based malware research with predictive machine learning models. This challenge is unique, and it is often an afterthought in the traditional machine learning cybersecurity literature.

In this article, we describe the process we use to develop our models. To help explain the concepts, we’ll work through the development and evaluation of a toy model meant to solve the very real problem of detecting malicious URLs.
