Security Analytics



As organizations collect increasingly large amounts of security logs, this data can be used proactively for breach prevention and mitigation. Security analytics is defined as the application of machine learning and data mining to cyber security. We are actively working on new techniques to extract meaningful intelligence from different data sources and to detect security-related anomalies with high accuracy and low false positive rates. Of particular interest are stealthy attacks such as advanced persistent threats (APTs) and insider threats, which are difficult to detect in general with existing technologies. We are designing analytics-based security services within an organization's perimeter that complement existing defenses by analyzing large amounts of security logs in real time and generating prioritized alerts of suspicious activities.



    Catching Predators at Watering Holes: Finding and Understanding Strategically Compromised Websites. Sumayah Alrwais, Kan Yuan, Eihal Alowaisheq, Xiaojing Liao, Alina Oprea, Xiaofeng Wang and Zhou Li. In Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2016. [PDF]
    Operational Security Log Analytics for Enterprise Breach Detection. Zhou Li and Alina Oprea. The First IEEE Cybersecurity Development Conference (SecDev). [PDF]
    Detection of Early-Stage Enterprise Infection by Mining Large-Scale Log Data. Alina Oprea, Zhou Li, Ting-Fang Yen, Sang H. Chin, and Sumayah Alrwais. In Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2015. [PDF]
    An Epidemiological Study of Malware Encounters in a Large Enterprise. Ting-Fang Yen, Victor Heorhiadi, Alina Oprea, Michael K. Reiter, and Ari Juels. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), 2014. [PDF]
    Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterprise Networks. Ting-Fang Yen, Alina Oprea, Kaan Onarlioglu, Todd Leetham, William Robertson, Ari Juels, and Engin Kirda. In Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2013. [PDF]


    Applications of Machine Learning in Security. Workshop on Cybersecurity Applications of Big Data, Boston University, January 2016.


