Speaker: Dr. Edoardo Serra, Boise State University
When: March 27, 2018, 11:00 am - 12:00 pm
Where: Engineering Building, Room 4801

Nowadays, network attacks are more and more sophisticated and target specialized networks such as cyber-physical systems, IoT device networks, and enterprise networks. Signature-based and anomaly-based Intrusion Detection Systems (IDSs) are commonly used to protect such networks. However, IDSs do not represent an effective solution. In fact, IDSs are not always able to recognize threats, and they generate a huge number of false alarms. This happens because of sophisticated attacks such as zero-day attacks, Advanced Persistent Threats (APTs), insider threats, etc., or because uncommon benign behaviors are recognized as malicious. Moreover, teams of security analysts in bigger enterprise networks are not enough in number to keep up with these huge flows of generated alerts. In this talk, I will present non-conventional data-driven techniques to mitigate this problem, such as:

1. How to measure computer security skills by using (in a collaborative way) historical alert data from different computers. As this measure is proved to correlate with the likelihood of being a victim of particular malware infections, it can be used to prioritize alerts for further investigation.
2. How to model the behavior of an attacker and use the network structure and the assets of the network to produce better and distributed ways to assign alerts to security analysts over time.
3. How honey-networks can be automatically deployed and used to observe network intrusions, and how to use reinforcement learning to model the learning abilities of an attacker trapped in a honey-network.

Dr. Serra received his Ph.D. degree in Computer Science Engineering from the University of Calabria, Italy, in 2012. During his Ph.D., he was a Visiting Researcher at the Computer Science Department of the University of California, Los Angeles. After the Ph.D. degree, Dr. Serra was a postdoc at the University of Calabria and a Research Associate at the University of Maryland (2013-2015). Since Aug. 2015, he has been an Assistant Professor in the Computer Science Department at Boise State University (BSU). His research interests are in the field of Data Science with applications in cyber-security. His background also includes machine learning, optimization, databases, and artificial intelligence. His research is published in prestigious venues such as IEEE and ACM Transactions journals and top-tier conferences, e.g., ESORICS and WSDM.