
  Towards an Evolving Approach to Evaluate Security Monitoring Tools


   School of Computing, Engineering & the Built Environment

This project is no longer listed on FindAPhD.com and may not be available.

Dr Mouad Lemoudden, Assoc Prof Rich McFarlane

Applications accepted all year round

Self-Funded PhD Students Only

About the Project

With continuing growth in the size of computer networks and applications, the potential damage that can be caused is increasing. Intrusion detection is a common cyber security mechanism used to detect malicious activities in host and/or network environments. Given the importance of intrusion detection, research and industry have designed and developed a variety of intrusion detection systems (IDS). Because adequate datasets are lacking, and because relying on datasets has fundamental shortcomings of its own, anomaly-based approaches in intrusion detection systems lack a strong evaluation methodology.

From a scientific and operational point of view, it is necessary to evaluate detection solutions to understand their limits and to determine how to improve them. Traditionally, IDS are evaluated based on their detection performance against a labeled dataset that contains normal and malicious network traffic. Upon inspection, publicly available datasets usually become obsolete within a couple of years, in both their anomaly types and their background (benign) Internet traffic. They also suffer from a lack of volume and diversity in traffic and, ultimately, from a lack of representativeness and realism.

In this PhD project, the successful candidate will explore the current state of the art in security monitoring evaluation and then develop a new approach for an evolving platform for IDS evaluation that solves many of the issues that exist in current methods. The approach will make use of state-of-the-art generative tools from the field of artificial intelligence and apply them to generate normal and malicious traffic. The approach will provide a key solution to one of the biggest concerns of current intrusion detection systems.

Academic qualifications

A first degree (at least a 2.1) ideally in Computer Science with a good fundamental knowledge of Cyber Security.

English language requirement

IELTS score must be at least 6.5 (with not less than 6.0 in each of the four components). Other, equivalent qualifications will be accepted. Full details of the University’s policy are available online.

Essential attributes:

· Experience of fundamental Computer Science

· Competent in Cyber Security

· Knowledge of Intrusion Detection

· Good written and oral communication skills

· Strong motivation, with evidence of independent research skills relevant to the project

· Good time management

Desirable attributes:

· Experience with artificial intelligence/machine learning would be beneficial

For enquiries about the content of the project, please email Mr Mouad Lemoudden [Email Address Removed]

For information about how to apply, please visit our website https://www.napier.ac.uk/research-and-innovation/research-degrees/how-to-apply

To apply, please select the link for the PhD Computing FT application form.
