2012 MRes projects
- Twitter and Crime: The spatio-temporal link between social-media and criminal activity
- To what extent do water treatment processes affect the concentration of peroxide explosives in river water?
- Dual-band Frequency Reconfigurable Antennas
- Incorporating Nanostructures to Enhance the Performance of Semiconducting Metal
- A relevance study determining the use of GSR upon clothing and shoes as an item of evidence
- Automating the conceptual analysis of large-scale text-based subjective data sets
- Assessing the potential of e-noses for illicit drug detection in future drug-trafficking interdiction strategies
- Judgement in UK fingermark recovery: room for development?
- Modelling the allocation of crowd control resources
- Comparative study of the different feature extraction algorithms used for fingerprint identification
- Domain Adaptation of Statistical Classifiers for Security-related Bug Reports
- The detection of clandestine methamphetamine laboratories using semiconducting metal oxide gas sensors
- The evaluation of geochemical analysis methods for forensic provenance and interpretation
- Confirmation bias: A Study of biasability within Forensic anthropological visual assessments on skeletal remains
- Statistical change point detection of internet traffic
- Trace evidence dynamics: assessing the transfer and persistence of microbial diatom evidence in forensic investigation
- Data Communication for Underwater Sensor Networks
- Automated Cargo Inspection: Exploring the use of Machine Vision in X-ray Transmission Imaging
- Network Externalities and Migration: An Agent-Based Model Distinguishing Documented and Undocumented Flows
Statistical change point detection of internet traffic
22 March 2013
By any measure, the UK is one of the world’s top internet users. UK dependence on cyberspace is significant and growing; more than 7% of the UK's GDP is generated through on-line activity. Networked systems are increasingly being targeted by sophisticated cyber-criminals and hostile nations. As highlighted by the Defense Select Committee, the threat that these cyber-attackers pose can "evolve at almost unimaginable speed". Since current methods are primarily based on prior knowledge of attack scenarios, these new adaptive (“zero-day”) attacks are very hard to mitigate or even detect. This project will examine the application of advanced statistical and machine learning ideas to model and detect anomalous computer network activity, which may be relevant for detecting such attacks. Many previous efforts have only considered independent analysis of individual measures of activity. When multivariate analysis is considered it is important to establish and automatically learn the cross correlation structure present under normal operating conditions. However, this is only tractable when appropriate prior knowledge is leveraged. A common strategy in other fields is to assume that the multivariate signal forms certain patterns of clusters. To this end, recent machine learning approaches utilising sparse structure learning through the Lasso, graphical Lasso, and other extensions such as the group Lasso will be considered. Future research may lead to the extension of this project work, incorporating the above techniques within a context-aware, multi-scale framework for anomaly detection.