Intelligent Feature Engineering for Cybersecurity

Feature engineering and selection is a critical step in the implementation of any machine learning system. In application areas such as intrusion detection for cybersecurity, this task is made more complicated by the diverse data types and ranges presented in both raw data packets and derived data fields. Additionally, the time and context specific nature of the data requires domain expertise to properly engineer the features while minimizing any potential information loss. Many previous efforts in this area naively apply techniques for feature engineering that are successful in image recognition applications. In this work, we use network packet dataflows from the Defense Research and Engineering Network (DREN) and the Engineer Research and Development Center\u27s (ERDC) high performance computing systems to experimentally analyze various methods of feature engineering. The results of this research provide insight on the suitability of the features for machine learning based cybersecurity applications

Detecting Malicious Websites Using Machine Learning

The growing use of the internet resulted in emerging of new websites every day (Total number of Websites - Internet Live Stats, 2020). Web surfing has become important for everyone regardless of their occupation, age or location. However, as the use of the internet is increasing so is the vulnerability to malware attacks through malicious websites (Softpedia, 2016). Identifying and dealing with such malicious website has been quite difficult in the past as it is quite challenging to separate good websites from bad websites. However, by using machine learning algorithms on large datasets it is now possible to detect such websites beforehand. Classifiers trained using algorithms such as logistic regression and Support Vector Machine (SVM) can be used to detect malicious websites and the users can be warned about the risk before they visit such sites. This project focuses on using a variety of different classification algorithms to distinguish whether a website is malicious or not using the Kaggle Malicious and Benign Website Dataset. We have showcased that it is possible to detect malicious websites with a reasonable amount of certainty (90% of the 75 malicious websites in the test set were identified) using machine learning models. We have also determined the features that were critical in predicting the likelihood of a website being malicious. Most of our key features are easily available (URL Length, number of Special characters, Country, Age of website)

悪性IPアドレスの分布情報に基づいた未知のWebサイト判別手法

指導教員：中村　嘉

Ciberseguridad : el reto del siglo XXI

El siglo XXI es el siglo del dato, su análisis y de la conectividad; en definitiva, el siglo de la información en tiempo real y disponible para cualquiera en cualquier lugar del mundo. Dichos datos están impactando en todos los ámbitos de la sociedad y de la economía de tal forma que no se entiende ningún sector productivo ni ninguna relación social sin dato; todos tenemos algún lugar en las redes sociales desde donde intercambiamos experiencias personales o profesionales. Si a este hecho se le suma el auge de la Inteligencia Artificial, se tiene un siglo en el que los avances tecnológicos van a ser totalmente disruptivos para todos nosotros