Security BSides Las Vegas 2025

Jason Ford

Jason is a Principal Research Engineer at Proofpoint. He is interested in building security tools and has experience writing Java, PowerShell, and Python. Jason has been working in a variety of roles in InfoSec for over 20 years, and has recently found his calling doing research on topics related to security and machine learning. When he's not tinkering with stuff in his home lab, you'll find him listening to EDM and enjoying the outdoors camping, running, hiking, and skiing.

LinkedIn: https://www.linkedin.com/in/jasonsford/
ResearchGate: https://www.researchgate.net/profile/Jason-Ford-6
My GitHub: https://github.com/jasonsford


Session

08-05, 11:00 (20 min)
Advancing Network Threat Detection Through Standardized Feature Extraction and Dynamic Ensemble Learning
Jason Ford

This talk introduces a research-driven approach to improving network intrusion detection by combining standardized feature extraction techniques with dynamic ensemble machine learning. Traditional signature-based detection struggles to identify new or evolving attacks, and prior ML-based research often suffers from poor generalization due to narrow datasets and single-model reliance. This work addresses these shortcomings by proposing a standardized feature extraction framework focusing on metadata and flow-level statistics, training multiple diverse machine learning models, and developing a novel ensemble classifier to optimize detection based on class-specific model strengths. Experimental validation shows the ensemble maintains high detection accuracy (97.92%) across various traffic types while minimizing false positives, offering a promising foundation for building more adaptable and resilient network defenses.

Ground Truth
Siena