• Detecting botnet activity using machine learning

    La Trobe University, Melbourne Campus

    We are delighted to have Prof. Jill Slay AM present her work on improving cyber security using machine learning techniques.

    Schedule:
    5:30pm – Networking – Staff tea room, Physical Sciences 2
    6:15pm – Talk – Szental Lecture Theatre
    7:30pm – Refreshments – Staff tea room, Physical Sciences 2

    The Szental Lecture Theatre is in a standalone building. It is marked HSZ on the campus map and is near carparks 2 & 2A. The staff tea room (Mathematics and Statistics) is on the 2nd floor of the Physical Sciences 2 building, which is next to the one with the lecture theatre. The building is marked PS2 on the campus map.

    La Trobe official campus map: https://www.latrobe.edu.au/io/documents/maps/bun/Melbourne-Site-Plan.pdf
    Google Maps: https://goo.gl/maps/zmuA8vkMLGJ4ZjdE8 (lecture theatre), https://goo.gl/maps/dAkKk9HdiwsNjWFA6 (Physical Sciences 2)

    Detecting botnet activity using machine learning

    The Internet of Things (IoT) is a network of interconnected everyday objects (“things”) that have been augmented with a small measure of computing capabilities. Lately, the IoT has been affected by a variety of different botnet activities. As botnets have been the cause of serious security risks and financial damage over the years, existing network forensic techniques cannot identify and track current sophisticated methods of botnets. This is because commercial tools mainly depend on signature-based approaches that cannot discover new forms of botnet. In the literature, several studies have been conducted with the use of Machine Learning (ML) techniques in order to train and validate a model for defining such attacks, but they still produce high false alarm rates with the challenge of investigating the tracks of botnets. In this talk, I will present our work investigating the use of ML techniques for developing a network forensic mechanism based on network flow identifiers that can track suspicious activities of botnets. Our experimental results using the UNSW-NB15 dataset revealed that ML techniques with flow identifiers can effectively and efficiently detect botnets’ attacks and their tracks.

    This is joint work with: N Koroniotis, N Moustafa, E Sitnikova.

    Bio

    Professor Jill Slay AM is Optus Chair of Cyber Security at La Trobe University. She leads the Optus La Trobe Cyber Security Research Hub, and is Director of Cyber Resilience Initiatives for the Australian Computer Society. Jill is a Director of the Victorian Oceania Research Centre and previously served two terms as a Director of the International Information Systems Security Certification Consortium. She has established an international research reputation in cyber security (particularly Digital Forensics) and has worked in collaboration with many industrial partners. She was made a Member of the Order of Australia (AM) for service to the information technology industry through contributions in the areas of forensic computer science, security, protection of infrastructure and cyber-terrorism. She is a Fellow of ACS and a Fellow of the International Information Systems Security Certification Consortium, both for her service to the information security industry (and is MACS CP and holds CISSP and CCFP certifications). She has published more than 120 outputs in information assurance, critical infrastructure protection, security and forensic computing in the last 10 years. She has completed the supervision of 20 PhDs and many Masters and Honours theses and has been awarded over AUD 2.5 million in research income.

    https://scholars.latrobe.edu.au/display/j2slay

  • Young Statisticians Showcase 2019

    Theatre 1, Level B1

    Join us for three short talks by current PhD students Jiadong Mao, Rushani Wijesuriya and Ravindi Nanayakkara.

    6:00pm – Talks – Theatre 1, Basement of[masked] Bouverie St, University of Melbourne
    7:15pm – Drinks – Prince Alfred Rooftop & Bar, Carlton (SSA Vic members receive a free drink!)

    Talk 1: Jiadong Mao – Nonparametric estimation for streaming data

    In the era of big data, huge volumes of data are continuously collected in a time-varying environment (termed streaming data). A model for streaming data should be fast to compute and adaptive to the changing nature of the data. These two objectives are hard to achieve simultaneously. Conventional statistical methods often assume that all data have already been collected and stored in the computer memory. Existing models for streaming data are mostly proposed by computer scientists and only address the computational challenge. Without knowing their theoretical properties, it is hard to predict when these methods will succeed. We develop computationally efficient models with theoretical guarantee, with more flexible nonparametric models, and investigate their theoretical properties using infill asymptotics. Computational properties of the models are shown using computer simulations and then applied to some real data examples to show their power for modelling real-world problems.

    Talk 2: Rushani Wijesuriya – Multiple imputation in three-level data structures

    Multilevel data with three levels of hierarchy are common in health research studies. A common problem in such studies is the presence of missing data, which is often handled with multiple imputation (MI). To our knowledge there are only two MI implementations that are specialized for imputing missing data in a three-level setting (one within R and the other in the stand-alone software Blimp) and a lack of sufficient guidance for practitioners regarding the settings for which each of these approaches is appropriate. We investigate the performance of alternative MI approaches for handling three-level incomplete data by means of a simulation study under a number of different scenarios. Based on a case study from the Childhood to Adolescence Transition Study (CATS), we compared a range of currently available multilevel MI methods designed for single-level and two-level data combined with ad hoc approaches, such as the use of dummy indicators (DI) for school clusters or a just another variable (JAV) approach to repeated measures, in terms of bias and precision.

    Talk 3: Ravindi Nanayakkara – Stochastic modelling and statistical analysis of cosmic microwave background data

    The Cosmic Microwave Background (CMB) is the radiation from the universe since 380,000 years from its birth. In 2009, the European Space Agency launched the mission Planck to study the CMB thoroughly. The aim of the mission was to verify the standard model of cosmology using a detailed resolution of observations and to find out fluctuations from the specified standard model of cosmology. The main statistical model used to describe the CMB data is isotropic Gaussian fields. A random field can be defined as a stochastic process indexed by a spatial variable. The Rényi function plays a central role in multifractal analysis, since the multifractal formalism in the theory of random cascades can be understood in the sense of the Legendre transform of the Rényi function. For the Rényi function on the sphere, there are three models where the Rényi function is known explicitly. They are the Log-Normal model, the Log-Gamma model and the Log-Negative-Inverted-Gamma model. Our research aims to check the Gaussianity of the CMB Radiation data collected from the Planck mission. We discuss the statistical properties of random fields on spheres using high frequency asymptotics for angular spectrum.