ML for Threat Hunting by Dave Hoelzer

Clustering DNS requests - who has the time to analyze every DNS query??

Can we cluster interesting DNS requests vs not interesting?

Detecting backdoors this way

Better performance when sending data in batches

Increase SOC analyst efficiency

AI and Security Research by Johannes Ullrich

When using ChatGPT for research, you still need to find the original source to credit, just like Google or Wikipedia. Prompt GPT: "Provide a source citation for this information"

💡 Can hallucinate!! Must verify results.

Copiolot - GitHub does not own suggesxtions

Acoustic attacks to determine keyboard inputs - 95% accurate

Journey to the GenAI-DFIR Era by Jess Garcia

Generative AI - ML models that focus on creating new data

LLMs fall under GenAI, they are GenAI models for natural language processing tasts. They have some shortcomings:

• You need to know how to ask questions to them
• A LLM has NO memory (it does have somewhat of an attention span, though)
• Trained until a date
• Maximum prompt size

Types of Prompts:

• Zero-Shot Prompt
• Few-Shot Prompt
• RAG (Retrieval Augmented Generation)

LangChain - Build apps with LLM LLaMA - Open Source LLM