Cyber Threat Detection via Machine Learning

Recent cyber-attacks have overwhelmed many high-profile businesses. These attacks often exploit multiple types of vulnerabilities to infiltrate target systems in multiple stages. Cyber threat hunting in enterprises is the process of proactively and iteratively searching for malicious activity by the various types of adversaries that have entered the defender’s network. This process is critical for early warning and detection. However, existing approaches require non-trivial effort to extract knowledge about threat behaviour from indicators of compromise, diverse types of logs and unstructured cyber threat intelligence reports. All of this extracted knowledge is used to facilitate threat detection. Hence, the threat detection process is labor-intensive and error-prone. In this project, our goal is to employ time series anomaly detection and machine learning to design and develop automated techniques for cyber threat detection. In doing so, we seek to explore batch and real-time analytics and their generalizability over the different types of data available for cyber threat detection.

Faculty Supervisor:

Nur Zincir-Heywood

Student:

Partner:

Micro Focus Software (Canada) ULC; OpenText Corp

Discipline:

Computer science

Sector:

Information and cultural industries; Professional, scientific and technical services

University:

Dalhousie University

Program:

Accelerate
