Doctoral research project number: 8376


Submission date: 9 September 2022
Title: Machine Learning and Property Graphs-based Methods for the Detection and Analysis of Cyberthreats
Thesis supervisor: Farid NAIT-ABDESSELAM (LIPADE)
Scientific field: Information and communication sciences and technologies
CNRS theme: Systems and networks

Abstract: A “False Positive” (FP) error occurs when a security system misinterprets a non-malicious activity as an attack. These errors are a critical issue for cybersecurity today. The false-positive problem stems from the fact that anomaly-based malware detection is built on the flawed assumption that anomalies are inherently bad: anything out of the ordinary is dangerous, or at least could be dangerous, and needs further examination. In reality, however, it is normal to have at least some anomalies that are good and some bad behaviors that won’t show up as anomalies. Although the good-behavior models most commonly associated with AI often create false positives, adding the automated application of bad-behavior models can reduce these errors to a manageable number. Attack technologies continue to evolve, so cybersecurity systems must be able to identify new patterns of malicious traffic and intrusion attempts. One of the most promising ways to do this, while simultaneously minimizing False Negatives and False Positives, is to use machine learning (ML). This thesis will therefore focus on developing machine learning solutions to reduce the False Positive Rate and the False Negative Rate.

Doctoral student: Zhang Yan Ocean