Adaptive ML-Driven Detection of Scheduled Task Anomalies and Automated Threat Attribution

As cyber threats grow more sophisticated, attackers increasingly exploit scheduled tasks to maintain persistence and evade detection. Traditional security measures struggle to distinguish between legitimate and malicious task executions, especially when attackers modify execution parameters. Additionally, identifying and attributing threats to known adversaries remains a complex and resource-intensive process, relying heavily on human analysts and labeled data. This project, in collaboration with eSentire, aims to bridge these gaps by developing:
– An ML-driven anomaly detection system to identify suspicious scheduled task executions based on execution flow anomalies, registry modifications, and stealthy command-line manipulations.
– An automated threat actor attribution pipeline leveraging semi-supervised learning and the Diamond Model of Intrusion Analysis to enhance the accuracy, speed, and scalability of adversary identification.
By advancing cybersecurity analytics, this research will strengthen eSentire’s proactive threat detection capabilities, improve SOC efficiency, and contribute to industry-wide efforts in tackling automation-based persistence techniques and adversary attribution.

Faculty Supervisor:

Ali Dehghantanha

Student:

Partner:

eSentire

Discipline:

Computer science

Sector:

Cyber Security; Artificial Intelligence

University:

University of Guelph

Program:

Business Strategy Internship
