Skip to content
David Hampton headshot

David Hampton

David Hampton

Senior Data Engineer at DCI Solutions

David has 5+ years investigating the structural relationship of networks from a variety of functional contexts. This work has spanned from physical neuronal networks to building state of the art neural network representations of complex brain function. He has created an artificial intelligence (AI) / machine learning (ML) based system that eclipses the current state of the art for cyber intrusion detection. His system uses neural networks to detect attacks on computer network traffic. The approach uses natural language programming (NLP) to spot anomalous activity. By leveraging neural architectures such as long short term memory (LSTM) and Transformers in a self-supervised fashion, the intrusion detection system is capable of spotting never-before-seen attacks to better protect the computer networks of our nation.


Track: Cyber Analytics

CyFormer: Transforming Security Through Real Time Explainable Analytics

CyFormer harnesses the power of Artificial Intelligence (AI) for the purpose of transforming cybersecurity. This collection of custom built, Natural Language Processing (NLP) models can defend against never-before-seen cyber attacks at both the network and host level. CyFormer covers all aspects of the cyber threat, both from inside and outside adversaries, harnessing the power of GPUs to scale from edge to enterprise systems. Unlike signature based solutions, CyFormer does not to rely on known threats of the past, allowing it to track down variations to past threats and stop zero day attacks in their tracks. CyFormer applies seamlessly as part of any network architecture and is a flawless technology insertion into a Zero-Trust Architecture.

CyFormer uses light-weight, custom-built Transformer models, specifically designed to address the unique challenges of cyber data. Internal representations are developed of each network entity and their relationships, thus allowing real-time, scalable alerting when unusual events happen. CyFormer can act as a stand-alone solution or can be used to augment security professionals by spotting hard-to-see anomalies in the data and explaining what makes the activity suspect. This methodology helps to build deep trust while augmenting a security team to effectively investigate the vast scale of cyber data in a meaningful, systematic, and straightforward way.