Heineman, George T.
Massachusetts Institute of Technology Lincoln Labo
In this Major Qualifying Project, we explored utilizing ensemble learning and data visualization to detect lateral movement from Advanced Persistent Threats (APTs) in enterprise networks. We developed a detection framework for analysts to pinpoint malicious events within a cybersecurity dataset from Los Alamos National Laboratory. Our project produced two primary findings: ensemble learning significantly improved the detection rate of malicious events, and a heatmap visualization can provide promising indications of suspicious activity, but remains ultimately insufficient for reliably identifying APTs.
Worcester Polytechnic Institute
Major Qualifying Project
Access to this report is limited to members of the WPI community. Please contact a project advisor or their department to request access
Restricted-WPI community only
Available for download on Monday, October 12, 2020
Your accessibility may vary due to other restrictions.