A leading cloud security provider wanted us to detect anomalies and abnormal peaks in outbound traffic using event logs. We set up a continuous feed of raw log data from AWS CloudTrail using AWS Kinesis. The data was then grouped by time, user type and log type into multiple batches. From these batches, variables were generated to feed into the machine learning model, which used logistic regression to predict whether each data entry was an anomaly or not.
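As an added illustration of the pipeline described above (not the provider's or the author's code), the following sketch groups constructed CloudTrail-style events into batches keyed by time window, user type and event name, derives per-batch variables, and fits a plain logistic regression to flag abnormal batches. The event data, the labelled training batches, the five-minute window and the two features are assumptions made for the example.

```python
import math
from collections import defaultdict
from datetime import datetime, timezone
def make_events():
    """Constructed CloudTrail-style events (not real data): a quiet window and a burst window."""
    ev = []
    for i in range(3):  # quiet: an IAM user lists buckets three times from one address
        ev.append({"eventTime": f"2024-01-01T10:0{i}:00Z", "userIdentity": {"type": "IAMUser"},
                   "eventName": "ListBuckets", "sourceIPAddress": "198.51.100.10"})
    for i in range(60):  # burst: a role reads objects 60 times in one minute from 12 addresses
        ev.append({"eventTime": f"2024-01-01T11:00:{i:02d}Z", "userIdentity": {"type": "AssumedRole"},
                   "eventName": "GetObject", "sourceIPAddress": f"203.0.113.{i % 12}"})
    return ev

def batch_key(e, window_s=300):
    """Batch key: five-minute time bucket, user type and event (log) type."""
    t = datetime.strptime(e["eventTime"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return (int(t.timestamp()) // window_s * window_s, e["userIdentity"]["type"], e["eventName"])

def featurize(events, window_s=300):
    """Per-batch variables: log(1 + event count) and log(1 + distinct source IPs)."""
    groups = defaultdict(list)
    for e in events:
        groups[batch_key(e, window_s)].append(e)
    return {k: [math.log1p(len(v)), math.log1p(len({e["sourceIPAddress"] for e in v}))]
            for k, v in groups.items()}

# Constructed labelled batches (event_count, distinct_ips, is_anomaly) standing in for history.
TRAIN = [(2, 1, 0), (3, 1, 0), (5, 2, 0), (4, 1, 0), (1, 1, 0), (6, 2, 0), (8, 3, 0),
         (60, 12, 1), (45, 9, 1), (80, 20, 1), (120, 30, 1)]

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def train_logreg(rows, lr=0.2, epochs=3000):
    """Logistic regression fitted by batch gradient descent (pure Python, no numpy/sklearn)."""
    data = [([math.log1p(n), math.log1p(ips)], label) for n, ips, label in rows]
    w, b = [0.0, 0.0], 0.0
    for _ in range(epochs):
        gw, gb = [0.0, 0.0], 0.0
        for xi, yi in data:
            err = sigmoid(w[0] * xi[0] + w[1] * xi[1] + b) - yi  # d(log-loss)/dz
            gw[0] += err * xi[0]; gw[1] += err * xi[1]; gb += err
        w = [w[j] - lr * gw[j] / len(data) for j in range(2)]
        b -= lr * gb / len(data)
    return w, b

def score_batches(events):
    w, b = train_logreg(TRAIN)  # fit once on the labelled history, then score incoming batches
    return {k: sigmoid(w[0] * f[0] + w[1] * f[1] + b) >= 0.5 for k, f in featurize(events).items()}
```

Calling `score_batches(make_events())` returns one flag per (window, user type, event name) batch; the 60-call burst is flagged and the three-call window is not.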
