Proactive and Reactive Cyber Security
Yuji Sekiya (The University of Tokyo, ITC)
In this research, we analyze cybersecurity big data in order to protect facilities from cyber threats. This research is characterized by employing both reactive and proactive approaches to cybersecurity. The former can be defined as the analysis of cyber threats with online learning algorithms, and the latter is the prediction of future attacks. The key feature of our reactive approach is to extract knowledge from cybersecurity big data with a convolutional neural network. In our prior work, we constructed a cybersecurity big data set, which is comprised of sampled network traffic, DNS queries, contents of malware and malicious websites, and so on. We have also attempted to extract knowledge from the big data with some heuristics. For example, our collected data was compared with a discrimination threshold given by our empirical network operations. Herein, we will adopt deep learning technologies to extract knowledge automatically. To mitigate cyber threats and risks, the proactive approach is necessary as well as the reactive approach, because cybersecurity incidents need to be handled in a very short time period. If we could predict future cyber threats targeted at us and/or our organization, we would gain time for incident handling; this will be helpful for providing better cybersecurity against the threats. The key feature of our proactive approach is to analyze social data with natural language processing and machine learning algorithms. The motivation behind attacks exists explicitly and follows social trends. Text information extracted from SNS such as Twitter and Facebook, blogs, and news articles can be regarded as context that reflects this motivation.
Research introduction poster / Final report