Speaker

Hafiz Farooq

Cyber Security Architect @ Saudi Aramco

Hafiz Muhammad Farooq is a Senior Cyber Security Architect for Saudi Aramco's Global Security Operations Centre (SOC). With 16 years of research and professional experience in the cyber and network security domain, he leads the first line of defense against a huge spectrum of targeted and untargeted cyber attacks from adversaries. His academic and professional experience helped him orchestrate the security processes for Saudi Aramco after the well-known Shamoon attack in 2012. He holds a master's degree in Next Generation Networks (Aston University, United Kingdom) and a Computer Engineering degree (NUST, Pakistan), and is an active member of the Internet Security Research Group (ISRG), Forum of Incident Response Team (FIRST), and Privacy and Security Research Group (PSRG).

Area of Expertise

  • Information & Communications Technology

Topics

  • cyber security
  • cybercrime
  • Cyberthreats
  • Cloud Security
  • Application Security
  • Automated Security
  • AWS Security
  • Data Security
  • Cloud Security Architecture
  • Cloud App Security
  • Cloud Native Security
  • malware analysis
  • Digital Forensic

Sentimental Behavioural Analytics

Insider threats have always been a challenging part of the threat spectrum for large enterprises, since they can cause heavy financial and operational damage. They are also difficult for any SOC to detect, because these attacks use authorized means to launch attack vectors against the enterprise. Traditional machine learning detections are prone to failure on such non-anomalous and covert attack patterns, due to the high dimensionality of the features and the lack of difference between the behavior of malicious and normal enterprise users. Natural Language Processing (NLP), however, can address this issue and help differentiate between malicious and normal patterns using Sentiment Analysis (SA) of user activity datasets. Despite noisy operational activity, Sentiment Analysis can still discover divergent activities and help in the timely detection of attackers in the initial phase of their cyber-attacks. Hence, we ran Sentiment Analysis algorithms on enterprise security big data and formulated an optimal framework, which we call Sentiment Behavior Analytics (SBA). In this presentation, we will present the detailed architecture of our SBA framework and explain its different features.
