Project Start Date:
Project Objectives and Scope
We research and design algorithms, technologies and systems for big data security analytics. We research effective algorithms and system designs that enable efficient analysis of big data repositories, uncover hidden relationships within massive amounts of security data, and identify advanced threats and cyber-attacks in their early stages.
The main challenge is to efficiently perform long-term analytics on massive volumes of heterogeneous security data: to detect attacks at an early stage, detect previously unseen attacks and zero-day exploits, understand how the initial penetration of the organization occurred, derive the attacker's goal, and estimate the damage if the attack has been running for an extended period of time.
In this project we research novel detection algorithms based on data-driven, supervised, semi-supervised and unsupervised learning approaches, as well as state-of-the-art deep learning approaches. We also research new time series machine learning algorithms that can model the system over time. Time series machine learning algorithms, in particular Recurrent Neural Networks, have the ability to model what they have seen in the past. This is useful for detecting APTs, as these attacks keep a low profile and execute over long periods.