BIG DATA SECURITY ANALYTICS FOR THE INTERNET OF THINGS

The need for active network security is paramount these days, with newer forms of attack becoming immune to rule-based systems. The availability of large amounts of network data gives rise to the need for effective data mining and machine learning algorithms. While there are many existing and well-known data mining algorithms that work on independent data samples, network traces are full of rich information that is attributed, structured and relational in nature. For example, the communication between different systems contains information such as their IP addresses, network protocol, and the number and duration of packets, and this is just the tip of the iceberg. Going down the layers of the networking model, a plethora of useful attributes can be extracted from the data. Networks are also dynamic in nature, as they constantly evolve and change over time. Standard data mining algorithms struggle to handle all these characteristics at the same time. This calls for a rich representation of the network data. Dynamic attributed graphs are a solution to this problem. They are quite expressive in their representation of real-world data, which makes them a powerful tool for this purpose.

The main objective of this research project is to design an anomaly detection algorithm to mine network traffic data represented in the form of dynamic attributed graphs. The first step of the project is to investigate the feature selection of the different attributes for a robust and efficient representation of the network data in the graph. This will be followed by the development of a global anomaly detection algorithm that will highlight anomalous data samples in the dynamic graph. Finally, a deeper inspection of the anomalous data sample will be performed to determine the type of anomaly and further classify it if necessary. We envisage applying the developed algorithm to intrusion detection for cyber-physical networks such as SmartGrid and Smart Transport.
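To make the representation concrete, the following added illustration (not the project's algorithm, which is yet to be designed) turns flow records into a sequence of attributed graph snapshots and flags a host whose graph attributes change sharply between snapshots. The flow records are constructed, and the 60-second window, the two node features and the median-ratio rule are assumptions chosen for the sketch.

```python
from collections import defaultdict
from statistics import median

# Constructed flow records: (timestamp_s, src_ip, dst_ip, protocol, packets, duration_s)
FLOWS = [
    (5, "10.0.0.5", "10.0.0.1", "tcp", 10, 1.2),
    (20, "10.0.0.6", "10.0.0.1", "udp", 4, 0.3),
    (65, "10.0.0.5", "10.0.0.1", "tcp", 12, 1.0),
    (80, "10.0.0.6", "10.0.0.1", "udp", 5, 0.4),
    (125, "10.0.0.6", "10.0.0.1", "udp", 4, 0.3),
] + [(130 + i, "10.0.0.5", f"10.0.0.{10 + i}", "tcp", 2, 0.1) for i in range(5)]

def build_snapshots(flows, window_s=60):
    """One attributed graph per time window: nodes are hosts, edges are
    (src, dst) pairs carrying protocol, packet-count and duration attributes."""
    snaps = defaultdict(dict)
    for ts, src, dst, proto, pkts, dur in flows:
        edge = snaps[int(ts // window_s)].setdefault(
            (src, dst), {"protocols": set(), "packets": 0, "duration": 0.0})
        edge["protocols"].add(proto)
        edge["packets"] += pkts
        edge["duration"] += dur
    return dict(snaps)

def node_features(snapshot):
    """Per-host attributes derived from a snapshot's outgoing edges."""
    feats = defaultdict(lambda: {"out_degree": 0, "packets": 0})
    for (src, _dst), attrs in snapshot.items():
        feats[src]["out_degree"] += 1
        feats[src]["packets"] += attrs["packets"]
    return dict(feats)

def flag_changes(snaps, factor=3.0):
    """Flag (window, host, feature) when a value exceeds `factor` times the
    median of that host's values in earlier windows (assumed baseline rule)."""
    history = defaultdict(lambda: defaultdict(list))
    alerts = []
    for w in sorted(snaps):
        for host, feats in node_features(snaps[w]).items():
            for name, value in feats.items():
                past = history[host][name]
                if past and value > factor * median(past):
                    alerts.append((w, host, name))
                past.append(value)
    return alerts

if __name__ == "__main__":
    print(flag_changes(build_snapshots(FLOWS)))
```

A host with no earlier windows is never flagged by this rule, so newly appearing nodes would need separate handling.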

Contact Details

Dr. Paul Miller
Telephone: +44 (0)28 9097 4637
email: p.miller@qub.ac.uk