Sophos – Intercept X: the data scientist’s view
Machine learning requires amazing people, so let’s meet one…
The latest version of Intercept X contains everything you already know and love about the product, but now it’s powered by deep learning.
To learn more about the role that deep learning plays in Intercept X, we met with Sophos Data Scientist Hillary Sanders.
Hi Hillary, tell us how you contributed to Intercept X…
I’m the team leader of our data science infrastructure group.
I focus on developing the systems that we use to develop and monitor our deep learning models.
What is machine learning?
Machine learning uses models that are trained using data rather than programmed with specific, hand-written rules. The models derive rules from the training data that can be used to make accurate predictions about data that it wasn’t trained on.
Essentially, machine learning models are very large, complex functions that have been optimized to take some input, such as a file, and give us some output, such as whether the file is malicious.
What is deep learning?
Deep learning is a specific type of machine learning that excels at performing very complex tasks like image recognition or language translation. Deep learning models learn to view their training data as a deep, nested hierarchy of concepts, which allows them to learn massive amounts of incredibly complex patterns.
Their ability to break down complex problems into progressively smaller and easier ones, and their ability to pick out useful characteristics amongst masses of noise, makes them an extremely powerful tool for cyber-security applications.
Why is it more sophisticated than machine learning?
As you hand classical machine learning models more and more data, their accuracy tends to stagnate relatively quickly.
On the other hand, deep learning models have extraordinarily high information capacity. When you give deep learning models hundreds of millions of training examples their accuracy just keeps on going up!
Because Sophos has access to massive stores of such data, we’ve been able to develop deep learning models that blow away their more classically designed counterparts.
How does deep learning change security?
Put simply, deep learning models allow us to identify malware that’s never been seen before, with stunning accuracy. Our models can identify the core features that make a malware sample malicious and see through the superficial changes that might fool other systems.
Describe Intercept X in one word