Vic Branch – Detecting botnet activity using machine learning

We are delighted to have Prof. Jill Slay AM present her work on improving cyber security using machine learning techniques.

Schedule:
5:30pm – Networking – Staff tea room, Physical Sciences 2
6:15pm – Talk – Szental Lecture Theatre
7:30pm – Refreshments – Staff tea room, Physical Sciences 2

The Szental Lecture Theatre is in a standalone building.  It is marked HSZ on the campus map and is near carparks 2 & 2A. See also on Google Maps.

The staff tea room (Mathematics and Statistics) is on the 2nd floor of the Physical Science 2 building, which is next to the one with the lecture theatre.  The building is marked PS2 on the campus map.  See also on Google Maps.

The Internet of Things (IoT) is a network of interconnected everyday objects (“things”) that have been augmented with a small measure of computing capabilities. Lately, the IoT has been affected by a variety of different botnet activities. As botnets have been the cause of serious security risks and financial damage over the years, existing network forensic techniques cannot identify and track current sophisticated methods of botnets. This is because commercial tools mainly depend on signature-based approaches that cannot discover new forms of botnet.  In literature, several studies have been conducted with the use of Machine Learning (ML) techniques in order to train and validate a model for defining such attacks, but they still produce high false alarm rates with the challenge of investigating the tracks of botnets.  In this talk, I will present our work investigating the use of ML techniques for developing a network forensic mechanism based on network flow identifiers that can track suspicious activities of botnets. Our experimental results using the UNSW-NB15 dataset revealed that ML techniques with flow identifiers can effectively and efficiently detect botnets’ attacks and their tracks.  This is joint work with: N Koroniotis, N Moustafa, E Sitnikova.

Professor Jill Slay AM is Optus Chair of Cyber Security at La Trobe University.  She leads the Optus La Trobe Cyber Security Research Hub, and is Director of Cyber Resilience Initiatives for the Australian Computer Society. Jill is a Director of the Victorian Oceania Research Centre and previously served two terms as a Director of the International Information Systems Security Certification Consortium. She has established an international research reputation in cyber security (particularly Digital Forensics) and has worked in collaboration with many industrial partners.  She was made a Member of the Order of Australia (AM) for service to the information technology industry through contributions in the areas of forensic computer science, security, protection of infrastructure and cyber-terrorism.  She is a Fellow of ACS and a Fellow of the International Information Systems Security Certification Consortium, both for her service to the information security industry (and is MACS CP and holds CISSP and CCFP certifications).  She has published more than 120 outputs in information assurance, critical infrastructure protection, security and forensic computing in the last 10 years.  She has completed the supervision of 20 PhDs and many Masters and Honours theses and has been awarded over AUD 2.5 million in research income.

Recordings:
Video: https://vimeo.com/ssavic/20190827-slay
Audio: https://tinyurl.com/ssavic-20190827-slay