Kaspersky Machine Learning for Anomaly Detection

Scenario: working with ML models

6 December 2023

ID 265458

This section describes the sequence of actions required to work with ML models.

The scenario for working with ML models consists of the following steps:

  1. Adding an ML model

    You can add an ML model to Kaspersky MLAD in one of the following ways:

  2. Adding markups

    If you need to define specific time intervals for the data that an ML model can use for training or inference, create markups. To generate an inference indicator, specify the created markup in the settings of the corresponding ML model.

  3. Training ML model elements

    The ML model needs to be trained before you can run inference on it. To do this, all neural network elements within the ML model need to be pretrained. ML model elements based on diagnostic rules are considered to be already trained.

    An ML model uploaded to Kaspersky MLAD has been previously trained by Kaspersky Lab experts or a certified integrator. ML models that are created from a template of an imported ML model or by cloning an imported ML model are also considered to be already trained. If necessary, you can change their training parameters and retrain the neural network elements.

    To generate a learning indicator, specify the created markup in the learning parameters of the neural network element.

  4. Preparing an ML model for publication

    After its training is finished, prepare the ML model for publication. An ML model ready for publishing cannot be modified.

  5. Publishing an ML model

    After preparing the ML model for publication, notify the officer responsible for publishing the ML model that the ML model is ready, or publish the ML model if you have the required permissions. If necessary, the system administrator can create a role that has the right to publish ML models and assign this role to the relevant employee.

  6. Starting ML model inference

    Start inference of the ML model. During the inference process, the ML model analyzes telemetry data and registers incidents.

    ML model inference can be run on a published ML model as well as on a trained ML model.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.