Intrusion Detection

This research focuses on creating new ways to identify previously unseen attacks in a more targeted fashion. Specifically, one of the key weaknesses associated with the majority of current detection methods is they rely on detecting abnormal behavior from raw sensor data such as the amount of network traffic, processor usage, and sources and destinations. The result is often slight changes in these can easily go unnoticed as fluctuations in the system regularly observed under normal conditions. My current work in this area is focused on improving our ability to detect new attacks faster and more reliably.