Ethics in data sharing: developing a model for best practice

As an outcome of a seminar on the 'Ethics in Data Sharing', we sketch a model of best practice for sharing data in research. We illustrate this model with two current and timely real-life cases from the context of computer and network security

Unstructured Data for Cybersecurity and Internal Control

This paper proposes a research framework for studying the connections--realized and potential--between unstructured data and cybersecurity and internal controls. In the framework, cybersecurity and internal control goals determine the tasks to be conducted. The task influences the types of unstructured data to be accessed and the types of analysis to be done, which in turn influences the outcomes that can be achieved. Patterns in unstructured data are relevant for cybersecurity and internal control, but unstructured data poses unique challenges for its analysis and management. This paper discusses some of these challenges including veracity, structuralizing, bias, and explainability

Unstructured data for cybersecurity and internal control

This paper proposes a research framework for studying the connections-realized and potential-between unstructured data (UD) and cybersecurity and internal controls. In the framework, cybersecurity and internal control goals determine the tasks to be conducted. The task influences the types of UD to be accessed and the types of analysis to be done, which in turn influences the outcomes that can be achieved. Patterns in UD are relevant for cybersecurity and internal control, but UD poses unique challenges for its analysis and management. This paper discusses some of these challenges including veracity, structuralizing, bias, and explainability

Network Traffic Behavioral Analytics for Detection of DDoS Attacks

As more organizations and businesses in different sectors are moving to a digital transformation, there is a steady increase in malware, facing data theft or service interruptions caused by cyberattacks on network or application that impact their customer experience. Bot and Distributed Denial of Service (DDoS) attacks consistently challenge every industry relying on the internet. In this paper, we focus on Machine Learning techniques to detect DDoS attack in network communication flows using continuous learning algorithm that learns the normal pattern of network traffic, behavior of the network protocols and identify a compromised network flow. Detection of DDoS attack will help the network administrators to take immediate action and mitigate the impact of such attacks. DDoS attacks are costing enterprises anywhere between $50,000 to$2.3 million per year. We performed experiments with Intrusion Detection Evaluation Dataset (CICIDS2017) available from Canadian Institute for Cybersecurity to detect anomalies in network traffic. We use flow based traffic characteristics to analyze the difference in pattern between normal vs anomaly packet.We evaluate several supervised classification algorithms using metrics like maximum detection accuracy, lowest false negatives prediction, time taken to train and run. We prove that decision tree based Random Forest is the most promising algorithm whereas Dense Neural network performs equally well on certain DDoS types but require more samples to improve the accuracy of low sampled attacks