Kaspersky Machine Learning for Anomaly Detection

Getting started

Before starting to work with Kaspersky MLAD, you must make sure that the following conditions are fulfilled:

1. Descriptions of tags of received telemetry and assets of the hierarchical structure are prepared as a XLSX file to be imported into Kaspersky MLAD. This file is created by a qualified technical specialist of the Customer, a Kaspersky expert or a certified integrator.
2. A set of presets has been prepared to monitor data flow and evaluate the performance of Kaspersky MLAD. A description of the presets is supplied in the form of a file in JSON format. This file is created by a qualified technical specialist of the Customer, a Kaspersky expert or a certified integrator.
3. The telemetry data source is enabled and configured to send data to Kaspersky MLAD.
4. The data transfer network is prepared to deliver telemetry data from the data source to the Kaspersky MLAD server, the network equipment is properly configured, and data transfer is allowed.
5. Configuration settings and/or configuration files are prepared for the connector that will be used in Kaspersky MLAD to receive telemetry data or events from external systems. The connector must be configured and activated after Kaspersky MLAD is started.
6. If ML models are provided as part of the Kaspersky MLAD Model-building and Deployment Service, the ML models are created and trained based on historical telemetry data by a Kaspersky expert or a certified integrator. The ML models have been prepared for import into Kaspersky MLAD as TAR files. The Kaspersky MLAD system administrator has been sent the codes for activating ML models. The ML model activation codes are stored in a secure storage location.