Event Details

Evaluation of a Graphical Attack Fingerprint Model and Comparison against the Snort IDS

Presenter: Behnaz Saropourian
Supervisor:

Date: Fri, September 9, 2022
Time: 11:00:00 - 12:00:00
Place: via Zoom - please see link below


Join Zoom Meeting
https://uvic.zoom.us/j/82163599451?pwd=M3FGaStZMy8rOGFKc05XQzVWbkN6Zz09
Meeting ID: 821 6359 9451
Password: 907990

One tap mobile
+17789072071,,82163599451#,,,,0#,,907990# Canada
+16475580588,,82163599451#,,,,0#,,907990# Canada

Dial by your location
  +1 778 907 2071 Canada
  +1 647 558 0588 Canada
Find your local number: https://uvic.zoom.us/u/keriYe5bCe  

ABSTRACT
The number of targeted attacks has increased dramatically, and the attacks have grown in sophistication and diversity. It is imperative to deploy effective and proactive countermeasures that can help mitigate the threats to organizations and citizens.
The Activity and Event Network (AEN) is a new knowledge graph that uses graph database technology to model security-relevant network data items and their relationships as they change through time, and applies various threat detection techniques.
The purpose of the project is to evaluate the performance of one of the AEN threat detection techniques, based on graph-based attack fingerprints or signatures, and to compare it with the Snort IDS, a popular signature-based IDS. The evaluation was conducted using the CICIDS2017 public dataset, and the strengths and limitations of the fingerprint model were discussed, paving the way for future improvements.