Time series
Classification
FEATURE SPACE TRANSFORMATION
Pipeline
Sub-pipeline
Data Smoothing
Wavelet
...
With SG-Filter
Lagged
MODEL REPOSITORY
Pre-defined pipelines
EVOLUTIONARY OPTIMISATION
Initialization
Mutation
Changes in structure & hyperparameters
Population Selection
Parents Selection
Termination stage
COMPOSING
Initial Assumption
Pipeline design
Search space
Models
Operations
Hyperparameters
Improved pipeline
PREDICTION
Prediction
Metrics
evaluation
serialization
(e.g, Proofpoint)
(e.g, CrowdStrike)
(e.g, Palo Alto)
(e.g, Cloudflare)
(e.g, Trellix)
(AWS GuardDuty)
SIEM
[Unified MonitoringMonitoring Engine]
1. NORMALIZATION& AGGREGATION
2. CLASSIFICATION
CLASSIFIED EVENTS
> MALWARE> PHISHING> WEB ATTACK> DATA EXFILTRATION> INTRUSION
SOAR
(Security Orchestration,Automation & Response)
AUTOMATED PLAYBOOKSRESPONSE ACTIONS
(e.g, Isolate Host, Block IP,Create Ticket)
by Zak
