Unsupervised adverse learning in the detection and countermeasure of advanced persistent threat campaigns
This PhD is also supervised by Valérie Viet Triem Tong and Ludovic Mé from CentraleSupelec.
In information security, attackers are an ever-growing and ever-changing menace, while protection systems remain largely confined to looking for known attack patterns. This PhD is part of a project whose aim is to leverage machine learning technologies in order to detect unknown threats when they strike. In particular, this PhD will focus on finding Advanced Persistent Threats, which are highly focused and highly capable attacks. The main research topic will be the linking of related events occurring at different times, and possibly on different machines inside the same entity, even when the events take place several years apart. The aim is, whenever an attack is detected, to find out where the attack originated and how it reached its current position. This would assist first-line responders in assessing the severity of the attack, as well as teams doing forensic analysis.