My primary research focus is in the area of computer security and information
assurance. This field offers a variety of challenging problems, and I am
looking into intrusion detection and response, and applications of artificial
Intrusion Detection and Response
While this is a well explored field, there are still many aspects which need investigation. I am most interested in the areas of automated response selection, cross layer intrusion detection, and the use of mapping social interactions to identify malicious behavior.
In particular, I am involved in the following research directions:
Response Cost Metrics
- Developing cost assessment metrics and methodologies to support automated
- Graph based approaches to a truly generic cost assessment framework.
- Incorporating confidentiality and integrity loss costs into intrusion and
response cost assessment.
Cross-layer Intrusion Detection
- Exploring the combination of detection methods at different layers
of computer interaction, particularly focusing on the Mac, Network,
and Application layers.
Leveraging Social Interactions for Malicious Behavior Detection
- Investigating data mining approaches to building social models from
application layer data sources.
- Evaluating existing social modelling methods to determine applicability
for malicious behavior detection.
My interest in AI is more armchair oriented, but I particuarly enjoy machine
learning and inductive logic. In particular, exploring reinforcement learning
and unsupervised learning methods (one-class SVMs, clustering, etc...).