| Title | A Three-Stage Machine Learning Network Security Solution for Public Entities |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Saganowski, S. |
| Conference Name | 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) |
| Keywords | abuse reports, abuse-mailbox, Communication networks, cybersecurity, IP networks, Monitoring, network protection, NLP, Portals, predictability, pubcrawl, Real-time Systems, RegSOC, Resiliency, Scalability, security, Security Heuristics, SIEM, social networking (online), threat detection |
| Abstract | In the era of universal digitization, ensuring network and data security is extremely important. As a part of the Regional Center for Cybersecurity initiative, a three-stage machine learning network security solution is being developed and will be deployed in March 2021. The solution consists of prevention, monitoring, and curation stages. As prevention, we utilize Natural Language Processing to extract the security-related information from social media, news portals, and darknet. A deep learning architecture is used to monitor the network in real-time and detect any abnormal traffic. A combination of regular expressions, pattern recognition, and heuristics are applied to the abuse reports to automatically identify intrusions that passed other security solutions. The lessons learned from the ongoing development of the system, alongside the results, extensive analysis, and discussion is provided. Additionally, a cybersecurity-related corpus is described and published within this work. |
| DOI | 10.1109/TrustCom50675.2020.00145 |
| Citation Key | saganowski_three-stage_2020 |
A Three-Stage Machine Learning Network Security Solution for Public Entities