Kaspersky Machine Learning for Anomaly Detection

Getting started

Before starting to work with Kaspersky MLAD, you must make sure that the following conditions are fulfilled:

  1. The telemetry data source is enabled and configured to send data to Kaspersky MLAD.
  2. The data transfer network is prepared to deliver telemetry data from the data source to the Kaspersky MLAD server, the network equipment is properly configured, and data transfer is allowed.
  3. Configuration settings and/or configuration files are prepared for the connector that will be used in Kaspersky MLAD to receive telemetry data or events from external systems. The connector must be configured and activated after Kaspersky MLAD is started.
  4. Descriptions of tags of received telemetry and (optional) their presets are prepared as a JSON file to be imported into Kaspersky MLAD. This file is created by Kaspersky experts or a certified integrator.
  5. An ML model or multiple ML models are created, trained on historical telemetry data, and prepared to be imported into Kaspersky MLAD as TAR files. These files are created by Kaspersky experts or a certified integrator.
  6. The Kaspersky MLAD administrator has been sent the codes for activating ML models. The ML model activation codes are stored in a secure storage location.