Inferring the Purpose of Network Activities

Research Associate
P.I. Gianluca Stringhini


Funded by the “EPSRC grant EP/N008448/1”: Principal Investigator: Gianluca Stringhini

“In this proposal, we aim to make some fundamental steps towards being able to reliably detect targeted attacks on computer networks. To this end, we plan to abstract the observation from the actual manifestation of an attack, and focus on the purpose behind network activities instead. We believe that modern machine learning techniques such as deep belief networks can be used to automatically learn high-level features from network data. Such features are indicative of the purpose for which the network activity is performed, rather than of the specific techniques and tools used to accomplish that purpose. These high-level features can then be used in traditional supervised machine learning to detect whether a network activity is being performed with a malicious intention or a benign one.”