Mr Gaseb Alotibi
Behavioural Monitoring for Network Communications
People are the principal factor in the use of computer systems; however, they are also considered a major threat. Misuse of computer systems, deception and information leakage are all notable examples. Indeed, a recent survey has highlighted that insider misuse, leakage of sensitive information and unauthorised access to the system represent 78%, 61% and 47% respectively of all threats for large organisations. Richards argued "Authorized users with a level of organizational trust, who are doing legitimate activities with malicious intent, pose the biggest threat". In recent years, research has become more focused upon developing security tools to enable organisations to mitigate information misuse, for example, Security Information and Event Management (SIEM) and Data Loss Prevention (DLP) tools. However, such approaches still suffer serious limitations, such as in reliably identifying misuse. Having identified misuse, the next problem is attribution. Being able to identify individuals from network traffic using biometric-based approaches, rather than unreliable hardware identifiers (e.g. IP address), can provide a more robust approach to associating misuse with the individuals responsible.
The MPhil phase will focus upon developing an understanding of the current state of the art within the specific and associated domain. This will include research into insider misuse, data loss prevention, intrusion detection systems, traffic analysis, biometrics and visualisation. This phase of the project will also undertake a preliminary experiment into the examination of network-based data for the purposes of identifying possible behavioural features that could be useful in the detection of insider misuse, information leakage, deception, industrial espionage or the identification of individuals. Whilst it is not envisaged this project will seek to solve all these issues, the project scope is purposefully being left open until after the preliminary experiments and literature review phases are completed.
Director of studies: Prof. Nathan L Clarke
Other supervisors: Prof. Steven M Furnell, Dr Fudong Li
1 Journal papers
User profiling from network traffic via novel application-level interactions
Forensic Investigation of Network Traffic: A Study into the Derivation of Application-Level features from Network-Level Metadata
Behavioral-Based Feature Abstraction from Network Traffic
3 Conference papers
A Framework of User Identification From Network Traffic
5 publication(s) - all categories.