Jason Trost
966 Followers

Pinned

Security Data Science Learning Resources

This short post catalogs some resources that may be useful for those interested in security data science. It is not meant to be an exhaustive list. It is meant to be a curated list to help you get started. Staying Current with Security Data Science Here is my current strategy for staying current with security data…

Machine Learning

5 min read

Pinned

Auxiliary Loss Optimization for Hypothesis Augmentation for DGA Domain Detection

This post outlines some experiments I ran using Auxiliary Loss Optimization for Hypothesis Augmentation (ALOHA) for DGA domain detection. (Update 2019–07–18) After getting feedback from one of the ALOHA paper authors, I modified my code to set loss weights for the auxiliary targets as they did in their paper (Weights…

Machine Learning

6 min read

Pinned

Collecting and Curating IOC Whitelists for Threat Intelligence and Machine Learning Research

In this post, I share my experience in building and maintaining large collections of benign IOCs (whitelists) for Threat Intelligence and Machine Learning Research. Whitelisting is a useful concept in Threat Intelligence correlation since it can be very easy for benign observables to make their way into threat intelligence indicator…

Machine Learning

13 min read

Pinned

Mining DNS MX Records for Fun and Profit

Attempting to use DNS MX records to map the global Email Security Provider landscape. — If you have read my blog before, you may realize that I really love DNS data and dns analytics. In this post, I share some experiences in using mostly DNS data for identifying the visible footprint of popular email security providers. This may not be terribly novel, but it was…

8 min read

Published in The Startup · Pinned

All Your SPF Belong to us: Exploring Trust Relationships Through Global Scale SPF Mining

In this post we explore a large collection of Sender Policy Framework (SPF) records to see what they might tell us about global email sending trust relationships and how they relate to email security providers. …

Cybersecurity

10 min read

Aug 7, 2022

3 Short Links on Applying Weak Supervision to Cybersecurity Problems

In this post, I share a few links of examples of using Weak Supervision for cyber security use cases. I was surprised that I couldn’t find more examples. According to Wikipedia… Weak supervision is a branch of machine learning where noisy, limited, or imprecise sources are used to provide supervision…

Machine Learning

2 min read

Jan 16, 2022

9 Short links on Network Beacon Detection

In this post I share 9 links to resources related to Network Beacon detection. Network beacons are continuous automated communications between 2 hosts. …

Network Security

2 min read

Jan 8, 2022

10 Short links on Cybersquatting domain detection

In this short blog, I share 3 papers and 7 tools that focus on detecting cyber squatting domains (including typosquatting, homograph, combosquatting, etc.).

  • Detection of Cybersquatted Domains (Master’s Thesis) by Patrick Frischknecht
  • Hiding in plain sight: A longitudinal study of combosquatting abuse
  • Seven months’ worth of mistakes: A longitudinal study of typosquatting abuse

Tools for generating cybersquatting domains (for use in detection)

Cybersecurity

1 min read

May 30, 2021

10 Short Links on Malicious Lateral Movement Detection

In this short blog, I share six papers that focus on detecting malicious lateral movement (a.k.a. pivoting, a.k.a. island hopping). (Update 2021–06–06: Added 2 more recent lateral movement papers) (Update 2022–05–15: Added 2 more recent lateral movement papers + 2 datasets) Papers: Latte: Large-Scale Lateral Movement Detection Detection and Threat…

Machine Learning

1 min read

May 12, 2021

7 Short Links of Dictionary DGA Detection

In this short blog, I share seven papers that focus on detecting Dictionary Domain Generation Algorithm (DGA) domains, A.K.A. Word-based DGAs. Dictionary DGAs are algorithms seen in various malware families (suppobox, matsnu, gozi, rovnix, etc.) that are used to periodically generate a large number of domain names that use pseudo-randomly…

Network Security

2 min read

Interests: Network security, Digital Forensics, Machine Learning, Big Data. retweets are not endorsements.
