A Three-Stage Machine Learning Network Security Solution for Public Entities

Title: A Three-Stage Machine Learning Network Security Solution for Public Entities
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Saganowski, S.
Conference Name: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)
Keywords: abuse reports, abuse-mailbox, Communication networks, cybersecurity, IP networks, Monitoring, network protection, NLP, Portals, predictability, pubcrawl, Real-time Systems, RegSOC, Resiliency, Scalability, security, Security Heuristics, SIEM, social networking (online), threat detection
Abstract: In the era of universal digitization, ensuring network and data security is extremely important. As a part of the Regional Center for Cybersecurity initiative, a three-stage machine learning network security solution is being developed and will be deployed in March 2021. The solution consists of prevention, monitoring, and curation stages. As prevention, we utilize Natural Language Processing to extract the security-related information from social media, news portals, and darknet. A deep learning architecture is used to monitor the network in real-time and detect any abnormal traffic. A combination of regular expressions, pattern recognition, and heuristics is applied to the abuse reports to automatically identify intrusions that passed other security solutions. The lessons learned from the ongoing development of the system, alongside the results, extensive analysis, and discussion, are provided. Additionally, a cybersecurity-related corpus is described and published within this work.
Citation Key: saganowski_three-stage_2020