Advanced Network Intrusion Detection Using Automated Algorithms and Threat Models

Computer attacks such as viruses and Trojans are a continuous problem for governments, companies, and individuals. The most common detection methods, such as anti-virus systems, rely on an attack being known and described before it can be detected. This leaves a hole in computer security systems for new attacks that have not yet been detected. This project focuses on the use of mathematics and advanced anomaly detection algorithms to distinguish 'normal' from 'abnormal' behavior on computer networks, and attempts to detect attacks by detecting 'abnormal' behavior. For this project, the intern will implement a known anomaly detection technique and apply it to historical network data with known attacks. TRTech, an industry R&D consortium, is sponsoring this project so that this algorithm will then be used in Seccuris's network monitoring service. Seccuris is Western Canada's leading information assurance provider and a member of TRTech.

Jason Haydaman
Faculty Supervisor: Dr. Bob McLeod