Francesco Palmieri, University of Salerno, Dept. of Computer Science
New research directions in network anomaly detection: exploring chaotic and recurrent dynamics empowered by advanced machine learning practices
With the ever increasing success of Internet-based technologies and their involvement in virtually any sector of our everyday’s life, the need of detecting network-originated abuses for early alerting and timely reaction purposes assumes a paramount importance. However, the concept of normal or anomalous behavior when associated to network activities is extremely elusive and depends on a huge number of variable factors, often not immediately evident.Consequently, a new generation of self-learning models that adaptively consider and understand the hidden relationships between these factors and the innermost dynamics underlying the involved networks and applications, is needed in order to effectively recognize previously unknown security threats and react to them. This keynote outlines, by starting from an analysis of the most successful approaches available in literature, the recent research directions in network anomaly detection by focusing on the most challenging and promising ones.
This will be done by observing the problem from multiple perspectives, ranging from the traditional techniques, gathering knowledge about normal and anomalous events through a statistical idealization of past observations, to newer ones leveraging chaos theory, non-linear system dynamics and recurrence analysis. All these techniques are combined with several methodologies originally born in the machine-learning and artificial intelligence framework (e.g. neural networks, auto-encoders etc.), adapted and properly harmonized for providing a deterministic interpretation of the complex traffic dynamics associated to normal and anomalous events. Future research opportunities arise from the consideration that different properties and criteria could be applied for inferring more sophisticated traffic features, that can be used to obtain a deeper and more comprehensive understanding about traffic profiles associated to security-related events.
About the Speaker
Francesco Palmieri is a full professor at the University of Salerno, Italy, where he received two Italian “Laurea” M.S. degrees and a PhD in computer science. Previously he has been an associate professor at the University of Salerno, an assistant professor at the Second University of Naples, and the Director of the telecommunication and networking division of the Federico II University, in Naples, Italy. At the start of his career, he also worked for several international companies on networking-related projects. He has been closely involved with the development of the Internet in Italy as a senior member of the Technical-Scientific Advisory Committee and of the CSIRT of the Italian NREN GARR. His major research interests concern high performance networking protocols and architectures, routing algorithms and network security. The actual focus of his scientific exploration and dissemination activity concern the use of soft computing, optimization and artificial intelligence technologies for solving challenging problems in the above areas. He has published a large number (more than 200) of papers in leading technical journals, books and conferences and currently serves as the editor-in-chief of an international journal (Journal of High Speed networks) and is part of the editorial board or associate editor of several other well reputed ones (i.e., IEEE Transactions on Dependable and Secure Computing, Journal of Networks and Computer Applications, Information Sciences, Future generation Computer Systems, Applied Soft Computing, Soft Computing, International Journal of Intelligent Systems). He also guest edited many special issues in leading technical journals (i.e. IEEE Transactions on Industrial Informatics, Journal of Networks and Computer Applications, Information Sciences, and many others). In his career, he has been involved, by also assuming strategic roles, in several national and international research and network development projects. Finally, he participated to several technology transfer initiatives also involving leading companies operating in the networking and security sectors.