Mrs Bushra Al-Saadi

Optimising information storage for security analysis

Network attacks typically comprise a complex series of events, some of which appear unrelated to the main activity. To obtain a full picture of such an attack, a complete capture of the contextual network traffic around the timeframe of the attack is required. This poses a significant challenge in terms of storage and processing, as data collection capabilities are often not matched by adequate storage and on-the-fly processing; the traditional approach of using an intrusion detection system, such as Snort, does not allow subsequent analysis, as only traffic matching predefined signatures is captured. This project aims to review the data collection and processing pipeline by capturing raw traffic that is subsequently filtered, pruned, or clustered in order to reduce the impact on storage. The data reduction is based on establishing similarity and relevance in the collected traffic and eliminating from the capture any traffic that falls below specific anomaly thresholds. The data analysis process will use Hadoop for storing the information, with follow-up analysis relying on clustering the collected traffic and storing it long term depending on its anomaly levels.
The project will start with a review of the state of the art in network attack analysis and collection as well as Hadoop storage. After establishing a baseline, the project will propose a set of methods for clustering and reducing the data while maintaining the level of resolution required by context analysis of attacks; in the next stage, the methods will be connected to the Hadoop infrastructure in order to take full advantage of its ability to query and update data storage. The project will then propose a framework integrating the entire process, from raw data collection to long-term storage. The research undertaken will be summarised in a PhD thesis.
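As an added illustration (not part of the project description or its software), the reduction step sketched above on constructed flow records: flows are clustered by destination service, each cluster receives an anomaly score approximated by its rarity in the capture, flows below a threshold are pruned, and a time window around every retained anomalous flow preserves the contextual traffic. The records, the rarity-based score and the window size are assumptions made for this example only.

```python
"""Prune captured flow records by anomaly score while keeping attack context."""
from collections import Counter

# Constructed sample capture: (timestamp_s, src, dst, dport, bytes).
# Mostly HTTPS to one server; one host touches three rare services at t=300..302.
FLOWS = [
    (100, "10.0.0.5", "10.0.0.9", 443, 1200),
    (130, "10.0.0.6", "10.0.0.9", 443, 900),
    (160, "10.0.0.7", "10.0.0.9", 443, 1100),
    (190, "10.0.0.8", "10.0.0.9", 443, 1000),
    (280, "10.0.0.5", "10.0.0.9", 443, 1300),   # context just before the burst
    (300, "10.0.0.42", "10.0.0.9", 22, 80),
    (301, "10.0.0.42", "10.0.0.9", 23, 80),
    (302, "10.0.0.42", "10.0.0.9", 3389, 80),
    (320, "10.0.0.6", "10.0.0.9", 443, 950),    # context just after the burst
    (450, "10.0.0.5", "10.0.0.9", 443, 1250),
    (500, "10.0.0.7", "10.0.0.9", 443, 1150),
]


def cluster_key(flow):
    """Similarity criterion (assumed): flows to the same service belong together."""
    _, _, _, dport, _ = flow
    return dport


def anomaly_scores(flows):
    """Anomaly level per cluster, approximated by rarity (1 - share of the capture).

    A real pipeline would substitute a proper anomaly detector here.
    """
    counts = Counter(cluster_key(f) for f in flows)
    total = len(flows)
    return {key: 1 - count / total for key, count in counts.items()}


def reduce_capture(flows, threshold, context_s):
    """Drop flows whose cluster scores below `threshold`, but retain every flow
    within `context_s` seconds of a retained anomalous flow so the attack keeps
    the surrounding traffic needed for later context analysis."""
    scores = anomaly_scores(flows)
    anomalous = [f for f in flows if scores[cluster_key(f)] >= threshold]
    keep = set()
    for anomaly in anomalous:
        keep.update(f for f in flows if abs(f[0] - anomaly[0]) <= context_s)
    return sorted(keep)  # sorted by timestamp, since it is the first field
```

With `threshold=0.8` and `context_s=30` the eleven records shrink to five: the three rare-service flows plus the benign flows at 280 and 320 that frame them.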

Director of studies: Dr Bogdan Ghita
Other supervisors: Dr David Lancaster

