Abstract: Well defined and strict communication policies between applications reduce attack surface and restrict possible lateral movement across the network. However, companies often have very limited information about the applications running in their environments – where the applications are deployed, what their boundaries are and how they interact with each other. In this talk we will introduce Netslicer, a novel machine learning approach that uses network flows to generate application-level representation of public and private cloud networks. We will demonstrate the accuracy of Netslicer compared to other approaches, using actual workloads collected from different production datacenters. This work was published at Bigdama@Sigcomm. We will also discuss other datasets that Guardicore collects and ideas for joint research.
About the speaker: Liron Schiff is Chief Scientist at Guardicore. For over a decade, Liron has been leading R&D projects in the cyber security industry along with academic research in the area of computer networks. His research focuses on programmability, resiliency and security aspects of networks. Liron holds a Ph.D in Computer Science from the Tel Aviv University, awarded in 2017.