Improving the Intrusion Detection and Assessment of Cybersecurity Posture
July 14, 2022
11:30 AM - 12:45 PM
Speakers: Oleksii Baranovskyi, Blekinge Institute of Technology, Sweden, and Volodymyr Tkach, National Technical University of Ukraine
Abstract: Centralized intrusion detection and prevention systems (IDS/IPS) and Security Information Event Management (SIEM) systems often fail to instantly analyze and respond to information and cybersecurity threats that occur in distributed and heavily loaded environments because of computational, storage and license limitations. In our research, we focus on the Indicators of Compromise (Attack) (IoC/IoA) lifecycle and the subsequent assessment of cyber and information security risks based on anomalous behavior analysis without using predefined patterns to avoid the False Positive rate.
We seek to provide appropriate responses to distributed cyberattacks such as those launched from large botnets that attempt to mask the real attack target. We propose a security model based on the theory of optimal algorithms, to aggregate security indicators of heterogeneous elementary subsystem components into a general system security indicator. The system will leverage statistical models based on nonlinear chaos theory as a mathematical model of intrusion detection.
Time permitting, Baranovskyi and Tkach can also deliver a talk devoted to the cyberattack on Ukraine executed just before the war started back in January, "#attack13 - The compromise of Ukrainian government agencies" - cyberattack January 13-14, 2022. Materials for this talk are available.
Speaker bio: Oleksii Baranovskyi is an experienced cyber security expert with a demonstrated history of working in academia as well as the financial industry. He received his BS, MS, and Ph.D. in Information Security and Technology from the National Technical University of Ukraine "Kyiv Polytechnic Institute" in, respectively, 2005, 2007, and 2015. He started his career in a software product company as a security analyst, proceeded with the banking and financial industry, and continued in a professional cyber security services company and an academic institution. He is a certified trainer of recognized international certifications in cyber security (CISSP, CISM, CEH, etc.). Baranovskyi received awards from the National Security Council of Ukraine, the State Telecommunication Service and the Head of Cyberpolice for his impact on the creation and development of the cyberpolice and national cybersecurity capabilities. For his scientific research, he was granted the President of Ukraine award for young scientists in 2018. Oleksii was involved as a subject matter expert in several international projects from OSCE, USAID and CRDF Global during 2015-2022.
Speaker bio: Volodymyr Tkach is a senior lecturer at the Blekinge Institute of Technology, Sweden, and the National Technical University of Ukraine, the "Igor Sikorsky Kyiv Polytechnic Institute." He received his BS and MS in economical cybernetics from the East-Ukrainian National Dahl University in, respectively, 2005 and 2006, and his Ph.D. from the Zaporizhzhya, Private Classic University, Ukraine in 2010. His passion lies in anomalous user behavior analysis and prediction using machine learning tools and methods. Volodymyr is also passionate about big data processing to gain new knowledge and unveil what is hidden using SIEM systems. His work experience includes over 10 years of teaching at the Cybersecurity Department at the Kyiv Polytechnic Institute, Ukraine, and involvement with the Foundation for Support of Reforms in Ukraine Project office as a senior project manager in cybersecurity, providing methodological support to the National Bank of Ukraine, Department of CyberSecurity. He also has hands-on experience in designing and implementing open-source intelligence systems, including a patent for the software he developed for social network monitoring.
Faculty host: Inna Partin-Vaisband, vaisband@uic.edu
Date posted: Sep 22, 2022
Date updated: Sep 22, 2022