Principal Investigator: Associate Professor Jens Myrup Pedersen
Department of Electronic Systems – Aalborg University (AAU)
My research field is cyber security, where we mainly use machine learning algorithms to classify network traffic. Our aim is to be able to distinguish malicious traffic from benign traffic, thus allowing us to detect computers/devices infected with viruses, trojans, botnets, and other kinds of malware.
The experiments where HPC helped us dealt with the correlation of alarms from Intrusion Detection Systems (IDS) using neural networks. Without HPC the training time was very high, which made it impossible for us to carry out the experiments – HPC reduced the training time by a factor of 35.
The aim of this particular work was to correlate alarms from IDS. The problem is that operators receive so many (false) alarms that it is hard to react to true alarms in a timely and proper manner. These alarms and their underlying features are what we have been running on ABACUS 2.0. The preliminary results indicate that the proposed method produces an approximately 10-fold reduction in the number of alerts, which significantly reduces the need for involvement of human analysts.