In this interview, we discuss how Data Mining techniques and machine learning algorithms can be extremely useful when applied in covert channel detection and Domain Generation Algorithms (DGA) detection.
In the last few years, passive analysis of network traffic has become a challenging task due to the high variability of organisations’ IT networks. This often leaves classical signature-based, or even statistical, detection approaches insufficiently accurate at detecting potentially anomalous or malicious traffic, because they do not focus on the behavioural analysis of network users.
Machine Learning can be considered a powerful tool for extracting meaningful information and building models of users’ behaviour, but it does have some drawbacks. Training data may in fact be corrupted or noisy, and the resulting models may produce a high false positive rate. This limitation can be mitigated first by choosing descriptive features to give to the algorithm, and second by integrating the contributions of different algorithms in order to make the structure more robust. Another possible solution is to create models not only of single network users but also of groups of users sharing some common behavioural characteristics.
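To make the two mitigations above concrete for the DGA-detection case, here is a small added illustration (written for this page, not aizoOn's platform code) that extracts a few descriptive features from a domain name's second-level label (length, Shannon entropy, vowel ratio, longest consonant run) and then combines three single-feature detectors by vote, so that one detector tripping on its own does not raise an alert. The sample domains and the thresholds (3.5 bits, 0.25, 5 characters) are constructed for the illustration, not tuned values, and the "label left of the last dot" rule is a deliberate simplification that ignores multi-part public suffixes such as co.uk.

```python
"""Toy DGA-detection ensemble over domain-name features (added illustration)."""
import math
from collections import Counter

VOWELS = set("aeiou")

# Constructed sample input: a few registered-looking names and a few
# DGA-looking ones. These are illustrative strings, not observed traffic.
SAMPLE_DOMAINS = [
    "google.com",
    "wikipedia.org",
    "ssl.com",             # trips only the vowel detector: a single vote
    "xkqzvbfrtlpmw.com",   # trips all three detectors
    "a8f3k2j9q1zt5.net",   # trips entropy and vowel detectors, not the run detector
]


def second_level_label(domain: str) -> str:
    """Return the label left of the last dot, lower-cased.
    Simplification: ignores multi-part public suffixes such as co.uk."""
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def shannon_entropy(text: str) -> float:
    """Character-level Shannon entropy in bits."""
    counts = Counter(text)
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def max_consonant_run(text: str) -> int:
    """Longest run of consecutive letters that are not vowels; digits break a run."""
    best = run = 0
    for ch in text:
        if ch.isalpha() and ch not in VOWELS:
            run += 1
            best = max(best, run)
        else:
            run = 0
    return best


def extract_features(domain: str) -> dict:
    """Descriptive features of the second-level label; vowel ratio is over all characters."""
    label = second_level_label(domain)
    return {
        "length": len(label),
        "entropy": shannon_entropy(label),
        "vowel_ratio": (sum(ch in VOWELS for ch in label) / len(label)) if label else 0.0,
        "max_consonant_run": max_consonant_run(label),
    }


# Three deliberately simple detectors, each keyed to one feature. The
# thresholds are assumed values chosen for this illustration, not tuned ones.
def entropy_detector(f: dict) -> bool:
    return f["entropy"] > 3.5


def vowel_detector(f: dict) -> bool:
    return f["vowel_ratio"] < 0.25


def consonant_run_detector(f: dict) -> bool:
    return f["max_consonant_run"] >= 5


DETECTORS = [entropy_detector, vowel_detector, consonant_run_detector]


def ensemble_votes(domain: str) -> int:
    """Number of detectors that flag the domain."""
    f = extract_features(domain)
    return sum(1 for detector in DETECTORS if detector(f))


def is_suspicious(domain: str, min_votes: int = 2) -> bool:
    """Vote-based combination: a single detector tripping is not enough."""
    return ensemble_votes(domain) >= min_votes


def classify_all(domains=SAMPLE_DOMAINS, min_votes: int = 2) -> dict:
    return {d: is_suspicious(d, min_votes) for d in domains}


if __name__ == "__main__":
    for d in SAMPLE_DOMAINS:
        f = extract_features(d)
        print(f"{d:22s} entropy={f['entropy']:.2f} vowels={f['vowel_ratio']:.2f} "
              f"run={f['max_consonant_run']} votes={ensemble_votes(d)} "
              f"suspicious={is_suspicious(d)}")
```

Running the block shows the point of the vote: "ssl.com" has no vowels and so trips one detector, but is not reported, while the two random-looking labels collect two or three votes each. In practice the hand-written detectors would be replaced by trained models and the vote by a learned combination, but the structure of features feeding several complementary scorers is the same.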
Daniella Traino is cyber track leader for the Spark Festival (an NSW festival celebrating entrepreneurs and entrepreneurship), a non-executive director and strategic advisor to IoTSec Australia (a not-for-profit organisation influencing IoT cyber security innovation) and a member of the Research Advisory Committee for the Internet Commerce Security Laboratory (ICSL), a cyber security research unit of Federation University Australia.
At aizoOn Australia, Daniella is responsible for setting the strategy and leading the cyber security division across three areas of capability – product development, consulting and R&D for the Asia Pacific region.
Federica Bisio is a senior Data Scientist in aizoOn’s Cyber Security Division. Federica’s expertise includes developing data-driven algorithms for anomaly and abnormal behaviour detection, which become codified in aizoOn’s threat detection platform.
Federica obtained a PhD in Electronic Engineering, Information Technology, Robotics and Telecommunications at the University of Genoa (Italy), with an exchange program with the Nanyang Technological University of Singapore, and her thesis involved Machine Learning applications in Network Security.