SaTC: CORE: Small: Empowering Network Attack Detection with Complex Graph Modeling
University Of Virginia Main Campus, Charlottesville VA
Investigators
Abstract
Modern malware and cyber attacks utilize a wide range of attack techniques and campaigns to target and exploit victim machines. However, large networks (e.g., enterprise networks, campus networks) face enormous challenges in detecting evolving attacks, especially given the sheer amount of network traffic each day. This project develops new attack detection approaches for large networks using complex graph modeling. The project’s novelties are (i) constructing a complex graph model to represent network traffic with new techniques to enrich the graph, and (ii) developing novel graph-based learning algorithms to detect anomalies with minimal ground truth data. The project's broader significance and importance are (i) wide dissemination of research results to help the community (e.g., the Security Operations Center) combat complex cyber attacks, and (ii) curriculum development to provide graduate and undergraduate students with experience in analyzing attacks in real-world networks.

Specifically, the project (i) constructs the complex graph model with a new graph refinement framework to enrich graph structure and selective labeling techniques to create labels for targeted nodes/edges given resource constraints; (ii) designs a suite of graph-based semi-supervised detection algorithms to take advantage of both labeled and unlabeled data to detect attacks in both static and dynamic network graphs; and (iii) develops novel graph-based weakly-supervised frameworks that rely only on limited labeled data, or even no labels at all, to detect attacks. The project uses large-scale network traffic logs collected at a campus network to evaluate the effectiveness and accuracy of the new detection methods in a practical real-world scenario.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.