Performance Data-Driven Methods and Tools for Computer Network Defense through Network Science
Abstract
Major Goals: This project will contribute to the Army's mission of keeping economically and militarily strategic areas from untoward attention and answers the call for submission from the Broad Agency Announcement W911NF-15-R-0002. More specifically, we want to assess the health of large computer networks and to identify and prioritize their weaknesses for effective responses given limited resources. We will use information theory, signal processing and statistical learning tools to identify and assess computer network defense weaknesses. Our research objectives and goals are:

1) To define new metrics for anomaly detection and patterns in a spatio-temporal context of available data, focusing on slight variations in the big data set (low-and-slow attacks).
2) To conduct a spectral analysis of network topology considering the Origination Destination (OD) patterns in network traffic.
3) To develop a simulated data set to validate the theoretical results and to make evident the trade-off between false positive and true positive rates.
4) To improve decision-making on continuous learning of normal behavior of defense computer networks in the presence of attacks.
5) To develop a framework for empirical evaluation of learning methods in adversarial environments.

The proposed project will both improve the Army's capabilities in the fundamental knowledge about complex networks and enable applications in topology, dynamics and information theory. In particular, this project will leverage mathematical techniques utilized in network science to analyze other types of networks, such as network information theory, game theory, data mining, Markov chains and interaction of computer communications and human networks.
Document Details
- Document Type: Technical Report
- Publication Date: Nov 20, 2019
- Accession Number: AD1095592
Entities
People
- Paul Cotae
Organizations
- University of the District of Columbia