MD and NM-Computational and Information Sciences, Computational and Information Sciences Directorate
The proposed research will explore cyber security, resilience, and risk using machine learning techniques combined with other mathematical and computational approaches. We have developed intrusion detection and prevention systems, predictive models, algorithms, software tools, and databases for monitoring and storing large volumes of computer network traffic data, packet capture data, and security incident reports. These support theoretical and empirical analysis of the network topologies, patterns, and behaviors of individual users and organizations, with the aim of identifying predictive features of normal, malicious, and anomalous data. For example, mathematical analysis of Open Systems Interconnection network layer (and above) characteristics, requirements, and datasets will allow us to expose which individual packet and traffic features are predictive of cyber-attacks.
This research opportunity involves: (1) management and analyses of network traffic data and enhancement of data collection and storage methods; (2) development and enhancement of detailed signature and anomaly-based detection models for networked devices, applying machine/statistical learning and other analytical techniques and algorithms to capture malicious and anomalous traffic, where intrusion detection models and source code previously developed and validated by ARL can be leveraged; (3) investigation of network dynamics and patterns, standard predictive performance metrics (e.g., precision, recall), and resource utilization measures, such as network bandwidth and memory usage; and (4) model testing, validation, and verification to determine whether and how the observable characteristics of network traffic inform security, robustness, and resilience, and to improve the efficiency and performance of intrusion detection, prevention and prediction tools.
Cyber security; Stochastic processes; Machine learning; Dynamical systems; Anomaly detection; Predictive modeling; Intrusion detection; Cyber resilience; Data analytics