Security Speaker Series: Professor Zheni Utic (UMass Amherst)

Wednesday, 11/28/2018 1:25pm to 2:25pm
Computer Science Building, Room 151
Security Seminar
Speaker: Zheni Utic

Cybersecurity Institute
Security Speaker Series

Title: Machine Learning Methods for Network Intrusion Detection and Intrusion Prevention Systems

Abstract: Given the continuing advancement of networking applications and our increased dependence on software-based systems, there is a persistent need to develop improved security techniques for defending modern information technology (IT) systems from malicious cyber attacks. As a result, the broader cybersecurity problem area has emerged as a major concern, with many solution strategies being proposed for both intrusion detection and prevention. In light of the above, the current work introduces novel methodologies to build appropriate strategies for system administrators (defenders). In particular, detailed machine learning models of security systems are developed to analyze overall performance and predict the likely behavior of the key decision makers influencing the protection structure. The initial objective here is to create a reliable intrusion detection mechanism to help identify malicious attacks at a very early stage, i.e., to minimize potentially critical consequences and damage to system privacy and stability.

Furthermore, another key objective is also to develop effective intrusion prevention (response) mechanisms. Along these lines, a machine learning based solution framework is developed consisting of two modules. Specifically, the first module prepares the system for analysis and detects whether or not there is a cyber-attack. Meanwhile, the second module analyzes the type of the breach and formulates an effective response. Namely, a decision agent is used in the latter module to investigate the environment and make appropriate decisions in the case of uncertainty. This agent starts by conducting its analysis in a completely unknown milieu but continually learns to adjust its decision making based upon the provided feedback. The overall system is designed to operate in an automated manner without any intervention from administrators or other cybersecurity personnel. Human input is essentially only required to modify some key model (system) parameters and settings. Overall, the proposed framework provides a solid foundation from which to develop improved threat detection and protection mechanisms for static setups, with further extensibility for handling streaming data.

Biography: Zheni Utic is a Visiting Assistant Professor in the Mathematics and Statistics Department at the University of Massachusetts Amherst. Her area of research is machine learning and stochastic problems applied to cybersecurity. A substantial scientific contribution of her research is a model, proposed and applied for network security, which unites data science machine learning techniques, decision analysis, control processes, Bayesian inference and game theory in one interconnected framework adapted to streaming data. She is a member of INFORMS and IEEE. She received her Doctoral Degree in Mathematics with a concentration in Statistics at the University of South Florida.

Co-hosted by Professor Krista Gile

Faculty Host