Applied AI for Resilient Networks: Scikit-Learn & PyTorch

Description:

The scale and complexity of modern networks demand intelligence. This intensive, application-focused workshop provides a deep dive into the practical deployment of both classical Machine Learning (Scikit-learn) and Deep Learning (PyTorch) to automate threat detection, classify traffic, and predict network anomalies. Participants will master the data pipeline from raw network logs to production-ready models, emphasizing real-world datasets, robust feature engineering, and high-performance model architectures for operational resilience. Networking/Security related datasets.

Duration:

1 day 

Course Code: BDT 529

Learning Objectives:

After this course, you will be able to:

1. Architect: Design robust ML pipelines using Scikit-learn for rapid classification and anomaly detection baselines
2. Implement: Build and train complex PyTorch deep neural networks (ANNs, LSTMs, 1D CNNs) tailored for high-volume network data
3. Optimize: Apply advanced feature engineering to network flow records and security logs for maximum model performance.
4. Differentiate: Effectively choose between classical ML and Deep Learning based on the nature of the security or networking problem (e.g., structured flows vs. sequential logs)
5. Evaluate: Utilize specialized security metrics (g., F1-Score, ROC-AUC) to rigorously assess model efficacy and minimize operational False Positives

Technical professionals dedicated to advanced network operations and cybersecurity, including Data Scientists, ML Engineers, Security Architects, Network Automation Engineers, and SREs.

Participants should have a solid foundation in Python and basic machine learning concepts (supervised/unsupervised learning, evaluation metrics), along with familiarity in network data. Prior exposure to Scikit-Learn and deep learning frameworks like Keras/TensorFlow or PyTorch is strongly recommended, and completion of Kickstart AI: ML in a Day and Kickstart PyTorch in a Day is preferred.

Course Outline:

1. Foundational Intelligence & The ML Pipeline
2. ML vs DL in Practice: Contextualizing tool choice Sci-kit Learn for baselines and PyTorch for high-dimensional, time-series or unstructured data
3. Operationalizing Data Sources: Reviewing and preparing real-world data, e.g. NetFlow or Syslog/Auth Logs, etc.
4. Ingestion Readiness: Standardization of diverse data streams for machine consumption
5. Lab: Feature Engineering and Data Hygiene
6. Classical ML for Tactical Security & Ops
7. High-Performance Classification: Using Gradient Boosting for accurate, low-latency traffic and malware classification
8. Unsupervised Anomaly Detection: implementation of isolation forest and One-class SVM for zero-day threat and network outlier
9. Model Evaluation: Deep dive into False positive rate vs Detection Rate, understanding Precision & Recall
10. Feature Importance & Model Explainability (XAI): Figure out important features
11. Lab: Using SHAP to interpret a Scikit-Learn model’s decision, crucial for audit
12. Deep Learning: Mastering Network Sequences
13. PyTorch for Structured Data: Using Dataset/Data loaders for performance, and building ANN, data loaders that efficiently feed GPUs for massive datasets
14. Time-Series Threat Modeling (LSTMs): Using RNN/LSTM to analyze sequential user behavior (UBA)

Lab: Sequence Analysis with Bi-LSTM: classify sequence of network events (flows/logs)

Deployment Readiness

Model Deployment & Export: Save and loading PyTorch models

Using ONNX format: Converting PyTorch model to ONNX format for cross-platform deployment

Lab: Model Persistence