
Real-time Detection of Advanced Persistent Threats (APT) using Deep Reinforcement Learning

Project Description

The development of smart cities and communities is now a global agenda. This has accelerated the rollout of Internet of Things (IoT) solutions. Systems that were typically locked down, such as critical infrastructure systems and banking systems, are now more accessible through the internet, creating a significant security risk that IP networking security protocols were not originally designed to handle.

One of the major security concerns for critical infrastructures is Advanced Persistent Threats (APT). These attacks involve stealthy, slow penetration of the network that bypasses traditional security measures, typically remaining in the network with hardly any monitorable traces. APT are typically multidivisional, skilful attacks, often combined with other attacks such as zero-day exploits and social engineering (phishing, pretexting, baiting, etc.), as well as insider cooperation with the APT attacker. The literature indicates that in a number of cases critical infrastructures have been compromised for several years prior to detection. Existing cyber security intrusion detection techniques fall short of mitigating the risks of APT.

The move towards software-defined networking, coupled with the increasing affordability of high-performance GPU clusters, has opened up possibilities for the development of complex real-time artificial intelligence algorithms. This PhD research project will focus on the investigation of novel APT detection techniques based on deep reinforcement learning, with a focus on Deep Neural Networks (CNN). The aim is to develop an adaptive scheme that can learn the known patterns of APT to improve the detectability of APT attacks with unknown patterns.

For more information on the supervisors for this project please go to:
Primary Academic Supervisor: Prof Mohamed Abdel-Maguid:
Secondary Academic Supervisor: Prof Nicholas Caldwell:
Secondary Academic Supervisor: Dr Laith Al-Jobouri:

Type of programme: PhD

Start date of project: January 2020

Mode of study: Full-time

Length of studentship: 3 year funded period

Location: Ipswich Campus

Funding Notes

The University of Suffolk are pleased to offer this project as a fee waiver scholarship. The cost of your PhD fees will be covered by the University; however, living costs will need to be considered and accounted for by the candidate. UK/EU only.

Entry requirements: acceptable first degree in computing, electrical / electronic engineering or cognate areas. The standard minimum entry requirement is 2:1.


