Faculty Advisor

Heineman, George T.

Abstract

In this Major Qualifying Project, we explored utilizing ensemble learning and data visualization to detect lateral movement from Advanced Persistent Threats (APTs) in enterprise networks. We developed a detection framework for analysts to pinpoint malicious events within a cybersecurity dataset from Los Alamos National Laboratory. Our project produced two primary findings: ensemble learning significantly improved the detection rate of malicious events, and a heatmap visualization can provide promising indications of suspicious activity, but remains ultimately insufficient for reliably identifying APTs.

Publisher

Worcester Polytechnic Institute

Date Accepted

October 2017

Major

Computer Science

Project Type

Major Qualifying Project

Accessibility

Restricted-WPI community only

Advisor Department

Computer Science

Available for download on Monday, October 12, 2020

Your accessibility may vary due to other restrictions.
