no code implementations • 14 Feb 2024 • Cheng Wang, Christopher Redino, Abdul Rahman, Ryan Clark, Daniel Radke, Tyler Cody, Dhruv Nandakumar, Edward Bowen
Results on a typical network configuration show that the RL agent can automatically discover resilient C2 attack paths utilizing both Tor-based and conventional communication channels, while also bypassing network firewalls.
no code implementations • 13 Jan 2024 • Cheng Wang, Akshay Kakkar, Christopher Redino, Abdul Rahman, Ajinsyam S, Ryan Clark, Daniel Radke, Tyler Cody, Lanxiao Huang, Edward Bowen
Command and control (C2) paths for issuing commands to malware are sometimes the only indicators of its existence within networks.
no code implementations • 4 Dec 2023 • Marc Vucovich, Devin Quinn, Kevin Choi, Christopher Redino, Abdul Rahman, Edward Bowen
Federated learning has created a decentralized method to train a machine learning model without needing direct access to client data.
no code implementations • 6 Nov 2022 • Lanxiao Huang, Tyler Cody, Christopher Redino, Abdul Rahman, Akshay Kakkar, Deepak Kushwaha, Cheng Wang, Ryan Clark, Daniel Radke, Peter Beling, Edward Bowen
Reinforcement learning (RL) operating on attack graphs leveraging cyber terrain principles are used to develop reward and state associated with determination of surveillance detection routes (SDR).
no code implementations • 1 Nov 2022 • Dhruv Nandakumar, Robert Schiller, Christopher Redino, Kevin Choi, Abdul Rahman, Edward Bowen, Marc Vucovich, Joe Nehila, Matthew Weeks, Aaron Shaha
The proliferation of zero-day threats (ZDTs) to companies' networks has been immensely costly and requires novel methods to scan traffic for malicious behavior at massive scale.
no code implementations • 12 Oct 2022 • Marc Vucovich, Amogh Tarcar, Penjo Rebelo, Narendra Gade, Ruchi Porwal, Abdul Rahman, Christopher Redino, Kevin Choi, Dhruv Nandakumar, Robert Schiller, Edward Bowen, Alex West, Sanmitra Bhattacharya, Balaji Veeramani
Machine learning has helped advance the field of anomaly detection by incorporating classifiers and autoencoders to decipher between normal and anomalous behavior.
no code implementations • 29 Aug 2022 • Deepak Kushwaha, Dhruv Nandakumar, Akshay Kakkar, Sanvi Gupta, Kevin Choi, Christopher Redino, Abdul Rahman, Sabthagiri Saravanan Chandramohan, Edward Bowen, Matthew Weeks, Aaron Shaha, Joe Nehila
Lateral Movement refers to methods by which threat actors gain initial access to a network and then progressively move through said network collecting key data about assets until they reach the ultimate target of their attack.
no code implementations • 4 May 2022 • Christopher Redino, Dhruv Nandakumar, Robert Schiller, Kevin Choi, Abdul Rahman, Edward Bowen, Matthew Weeks, Aaron Shaha, Joe Nehila
With this paper, the authors' overarching goal is to provide a novel architecture and training methodology for cyber anomaly detectors that can generalize to multiple IT networks with minimal to no retraining while still maintaining strong performance.
no code implementations • 28 Jan 2022 • Tyler Cody, Abdul Rahman, Christopher Redino, Lanxiao Huang, Ryan Clark, Akshay Kakkar, Deepak Kushwaha, Paul Park, Peter Beling, Edward Bowen
Reinforcement learning (RL), in conjunction with attack graphs and cyber terrain, are used to develop reward and state associated with determination of optimal paths for exfiltration of data in enterprise networks.
no code implementations • 20 Aug 2021 • Rohit Gangupantulu, Tyler Cody, Abdul Rahman, Christopher Redino, Ryan Clark, Paul Park
Cyber attacks pose existential threats to nations and enterprises.