Research Interests

Computer Security

My primary research focus is in the area of computer security and information assurance. This field offers a variety of challenging problems, and I am looking into intrusion detection and response, and applications of artificial intelligence.

Intrusion Detection and Response

While this is a well explored field, there are still many aspects which need investigation. I am most interested in the areas of automated response selection, cross layer intrusion detection, and the use of mapping social interactions to identify malicious behavior. In particular, I am involved in the following research directions:
Response Cost Metrics
  • Developing cost assessment metrics and methodologies to support automated intrusion response.
  • Graph based approaches to a truly generic cost assessment framework.
  • Incorporating confidentiality and integrity loss costs into intrusion and response cost assessment.
Cross-layer Intrusion Detection
  • Exploring the combination of detection methods at different layers of computer interaction, particularly focusing on the Mac, Network, and Application layers.
Leveraging Social Interactions for Malicious Behavior Detection
  • Investigating data mining approaches to building social models from application layer data sources.
  • Evaluating existing social modelling methods to determine applicability for malicious behavior detection.

Artificial Intelligence

My interest in AI is more armchair oriented, but I particuarly enjoy machine learning and inductive logic. In particular, exploring reinforcement learning and unsupervised learning methods (one-class SVMs, clustering, etc...).