Realtime Learning of Malicous behaviour in computer networks

Themes: High Tech, Software technology & Intelligent Systems

A TRL is a measure to indicate the matureness of a developing technology. When an innovative idea is discovered it is often not directly suitable for application. Usually such novel idea is subjected to further experimentation, testing and prototyping before it can be implemented. The image below shows how to read TRL’s to categorise the innovative ideas.

Click to enlarge

Summary of the project

Malicious software or malware is used to perform malicious activities on computer networks such as denial of service attacks, spam distribution, and data exfiltration. Solutions for detecting such activities rely on the development of so-called fingerprints: pieces of data that are unique to a specific activity. The researchers develop machine-learning technology that learns and detects such fingerprints, which are subsequently used to automatically recognise and pinpoint the presence of malware in large computer networks.

Using modern data stream mining techniques, the researcher is capable of learning complex behavioural models in real-time from vast amounts of network streams. These models provide insightful behavioural fingerprints that can be interpreted and matched with monitored network traffic to find all existing infections of the same malware. This approach is what makes the project unique.

The researcher pushes the boundary of software understanding by moving from traditional black box testing of unknown software towards white box testing by unravelling the internal structure of software through machine learning.

What's next?

The researcher is currently testing the scalability to large networks and thousands of malware samples. A next step for this project is to create learning software that Internet service providers or security operation centres can use to monitor, analyse, and secure the vast data-streams occurring in modern computer networks. The researcher will soon launch a spin-off company, on this idea.  

Dr. Sicco Verwer


Dr. Christian Hammerschmidt

MSc. Gaetano Pellegrino

MSc. Qin Lin

MSc. Azqa Nadeem