Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Monitoring for Network Protocols and Applications

Published byJody Armstrong Modified over 6 years ago

Similar presentations

Presentation on theme: "Security Monitoring for Network Protocols and Applications"— Presentation transcript:

1 Security Monitoring for Network Protocols and Applications
Vinh Hoa LA Ɨ Prof. Ana CAVALLI Ɨ Ƭ PhD Student Supervisor Ɨ Telecom SudParis, IMT Ƭ Montimage France 11/21/2018

2 Context Cyber-security: emerging topic Network/System/Application
Cyber attacks/crime: growing in both volume and sophistication Two directions: Secure Design Security Testing Network/System/Application Security Monitoring Heterogeneous (Signature-based + Anomaly-based) approach Novel advanced techniques: Statistical Learning Machine Learning Nearly 1 million new malware threats released every day Total cost of cyber-crime in recent three years 11/21/2018 TAROT 2016

3 Security Monitoring Framework
Framework Overview: Signature-based approach Anomaly-based approach Network Data Capture Data Processing (Attribute Extraction, Dimension Reduction) Learning/Training Phase Conclusion Traffic Trace Logs Misbehavior signature Normal behaviors System Dimension Reduction: RP (random projection), PCA (principal component analysis), DM (diffusion map) LDA (linear discriminant analysis), canonical correlation analysis, discrete cosine transform, Monitoring/Detection Phase Correlation Application MMT-based framework 11/21/2018 TAROT 2016

4 Case studies Traditional TCP/IP networks:
LAN monitoring: ARP spoofing still alive. WAN/Internet Monitoring: HTTP User-Agent field case study. 6LoWPAN-based IoT monitoring: Misbehavior node detection algorithm based on Statistical Learning. Information Theory (Entropy)-based routing anomaly detection. Machine Learning-based anomaly detection. System and Application Monitoring SQL injection detection and tolerance. Android malware detection. Machine Learning: Supervised: Neural Network, SVM, Decision Tree Unsupervised: Association rule learning, K-Means 11/21/2018 TAROT 2016

5 Open Issues Machine Learning & Phishing/Web pop-up/Spam avoidance
How can the solution be distributed? Distributed Agents/ Probes How to distribute the agents? (agent-based modeling, geographical information data, e.g., GAMA) Static  Mobile ? 11/21/2018 TAROT 2016

6 Thank you! 11/21/2018

Download ppt "Security Monitoring for Network Protocols and Applications"

Similar presentations

Text mining Gergely Kótyuk Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology and Economics www.crysys.hu.

Text mining Gergely Kótyuk Laboratory of Cryptography and System Security (CrySyS) Budapest University of Technology and Economics
Rerun of machine learning Clustering and pattern recognition.

Rerun of machine learning Clustering and pattern recognition.
Yuval Elovici, Prof. Director of Telekom Innovation Laboratories Head of BGU Cyber Security Labs June, 2014 The Role of the Academia in Promoting Cyber.

Yuval Elovici, Prof. Director of Telekom Innovation Laboratories Head of BGU Cyber Security Labs June, 2014 The Role of the Academia in Promoting Cyber.
An Overview of Machine Learning

An Overview of Machine Learning
Software Quality Ranking: Bringing Order to Software Modules in Testing Fei Xing Michael R. Lyu Ping Guo.

Software Quality Ranking: Bringing Order to Software Modules in Testing Fei Xing Michael R. Lyu Ping Guo.
A Comprehensive Study on Third Order Statistical Features for Image Splicing Detection Xudong Zhao, Shilin Wang, Shenghong Li and Jianhua Li Shanghai Jiao.

A Comprehensive Study on Third Order Statistical Features for Image Splicing Detection Xudong Zhao, Shilin Wang, Shenghong Li and Jianhua Li Shanghai Jiao.
Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.

Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
Three kinds of learning

Three kinds of learning
Copyright 2002, Center for Secure Information Systems 1 Panel: Role of Data Mining in Cyber Threat Analysis Professor Sushil Jajodia Center for Secure.

Copyright 2002, Center for Secure Information Systems 1 Panel: Role of Data Mining in Cyber Threat Analysis Professor Sushil Jajodia Center for Secure.
Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.

Mining Behavior Models Wenke Lee College of Computing Georgia Institute of Technology.
Neural Networks in Data Mining “An Overview”

Neural Networks in Data Mining “An Overview”
Intrusion Detection System Marmagna Desai [ 520 Presentation]

Intrusion Detection System Marmagna Desai [ 520 Presentation]
LLNL-PRES-671957 This work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory under Contract DE-AC52-07NA27344.

LLNL-PRES This work was performed under the auspices of the U.S. Department of Energy by Lawrence Livermore National Laboratory under Contract DE-AC52-07NA27344.
Automated malware classification based on network behavior

Automated malware classification based on network behavior
Lucent Technologies – Proprietary Use pursuant to company instruction Learning Sequential Models for Detecting Anomalous Protocol Usage (work in progress)

Lucent Technologies – Proprietary Use pursuant to company instruction Learning Sequential Models for Detecting Anomalous Protocol Usage (work in progress)
SECURING NETWORKS USING SDN AND MACHINE LEARNING DRAGOS COMANECI –

SECURING NETWORKS USING SDN AND MACHINE LEARNING DRAGOS COMANECI –
Data Mining Techniques

Data Mining Techniques
Combining Supervised and Unsupervised Learning for Zero-Day Malware Detection © 2013 Narus, Inc. Prakash Comar 1 Lei Liu 1 Sabyasachi (Saby) Saha 2 Pang-Ning.

Combining Supervised and Unsupervised Learning for Zero-Day Malware Detection © 2013 Narus, Inc. Prakash Comar 1 Lei Liu 1 Sabyasachi (Saby) Saha 2 Pang-Ning.
R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.

R 18 G 65 B 145 R 0 G 201 B 255 R 104 G 113 B 122 R 216 G 217 B 218 R 168 G 187 B 192 Core and background colors: 1© Nokia Solutions and Networks 2014.

Similar presentations

Ads by Google