Catching Hackers Red-Handed: using Python to detect malicious events at scale at Symantec Research Labs

by Daniel Kats

pySpark machine-learning keras tensorflow jupyter security pandas sklearn

Symantec's data lake is filled with exabytes of data. My team uses python to trawl through it to fish for hackers, and sometimes we catch some really big fish. In this talk I will discuss various techniques to catch real criminals doing nasty things across the internet.

Symantec Research Labs is the premier research team at Symantec, responsible for long-term and forward-looking projects. My work is on data analysis and correlation, where we use python to look at both historical (batch) and streaming data to detect and discover threats.

I will present two projects, both in Python, that deal with our unique collection of data. I will show how we use off-the-shelf tools and Python libraries to build sophisticated prototypes and stop very serious threats.

About the Author

Rock climber. Big data analytics super star. International man of mystery. These are but a few titles that even my enemies grudgingly bestow upon me.

I attended the University of Toronto, interspersed with internships at Yelp and IBM. I graduated with a B.Sc., followed by an M.Sc. studying under Prof. Eval de Lara. I then went to work for Symantec Research Labs where I (so far) co-authored 2 academic publications, over 20 patents, and (by my count) downed upwards of 10 million cups of coffee.

In my free time I read The Atlantic, go on anger-fueled morning jogs, and get on my roommate’s nerves.

Author website: