LogGuideWiki

/var/log is a strange and largely unexplored place, full of strange creatures with cryptic names like dmesg, kern.log or syslog. Strangers in this place are sometimes greeted with utterances like RIP: 0010:nl80211_send_chandef+0x142/0x160 [cfg80211]. Should they be worried, or is this just kern.log's way of saying 'hello'? LogGuideWiki is a friendly guide to the strange lands […]


Language Theoretic Security

Language Theoretic Security (langsec) is a methodology for securing communicating software: every input is treated as untrusted, and the set of valid messages is specified as a formal language, so that a message is accepted only if a recogniser for that language accepts it in full, and is rejected otherwise. This project is to develop a framework (in the language of your choice) for implementing communicating systems using this methodology, guaranteeing correctness of messages either […]
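As an added illustration of the approach (example code written for this page, not part of the project or of any langsec framework), the block below defines a small hypothetical wire format as a grammar and implements a full recogniser for it: the recursive-descent parser either consumes the whole input as a word of the language or raises. Beside it sits the kind of ad hoc "shotgun" parser langsec warns against, which trusts the length field and ignores trailing bytes. The message format, the type names and the 3-digit length limit are all assumptions made up for the demonstration.

```python
from dataclasses import dataclass

# Hypothetical wire format used only for this demonstration (not a real protocol):
#   message := type " " length " " payload
#   type    := "PING" | "DATA"
#   length  := DIGIT{1,3}      decimal, no leading zeros ("0" alone is allowed)
#   payload := BYTE{length}    exactly `length` bytes, each printable ASCII
MAX_DIGITS = 3


class ParseError(ValueError):
    """Raised when the input is not a word of the message language."""


@dataclass(frozen=True)
class Message:
    kind: str
    payload: bytes


class Recognizer:
    """Recursive-descent recogniser: consumes the whole input or raises."""

    def __init__(self, data: bytes) -> None:
        self.data = data
        self.pos = 0

    def expect(self, literal: bytes) -> None:
        if not self.data.startswith(literal, self.pos):
            raise ParseError(f"expected {literal!r} at offset {self.pos}")
        self.pos += len(literal)

    def parse_type(self) -> str:
        for kind in (b"PING", b"DATA"):
            if self.data.startswith(kind, self.pos):
                self.pos += len(kind)
                return kind.decode("ascii")
        raise ParseError(f"unknown message type at offset {self.pos}")

    def parse_length(self) -> int:
        start = self.pos
        # Consume at most MAX_DIGITS decimal digits; a fourth digit is left in
        # place and then fails the expect(b" ") that follows it.
        while (self.pos < len(self.data) and self.pos - start < MAX_DIGITS
               and 0x30 <= self.data[self.pos] <= 0x39):
            self.pos += 1
        digits = self.data[start:self.pos]
        if not digits:
            raise ParseError(f"missing length at offset {start}")
        if len(digits) > 1 and digits[0] == 0x30:
            raise ParseError("leading zero in length")
        return int(digits)

    def parse_payload(self, length: int) -> bytes:
        chunk = self.data[self.pos:self.pos + length]
        # The declared length is a claim by the sender, not a fact: check it
        # against the bytes that are actually present before using it.
        if len(chunk) != length:
            raise ParseError(f"declared {length} payload bytes, only {len(chunk)} present")
        if any(not 0x20 <= b <= 0x7E for b in chunk):
            raise ParseError("non-printable byte in payload")
        self.pos += length
        return bytes(chunk)

    def parse_message(self) -> Message:
        kind = self.parse_type()
        self.expect(b" ")
        length = self.parse_length()
        self.expect(b" ")
        payload = self.parse_payload(length)
        if self.pos != len(self.data):
            raise ParseError(f"{len(self.data) - self.pos} trailing bytes after message")
        return Message(kind, payload)


def parse(data: bytes) -> Message:
    """Full recognition: returns a Message only for exact words of the language."""
    return Recognizer(data).parse_message()


def accepts(data: bytes) -> bool:
    try:
        parse(data)
        return True
    except ParseError:
        return False


def shotgun_parse(data: bytes) -> Message:
    """Ad hoc parser shown for contrast: trusts the length field and never
    checks that the payload is really that long or that nothing follows it."""
    kind, length, rest = data.split(b" ", 2)
    return Message(kind.decode("ascii", "replace"), rest[:int(length)])


if __name__ == "__main__":
    for sample in (b"DATA 5 hello", b"DATA 100 hello", b"DATA 5 hellox", b"DATA 05 hello"):
        print(sample, "recogniser:", accepts(sample), "shotgun:", shotgun_parse(sample))
```

The recogniser rejects a length that exceeds the bytes present, trailing data and malformed lengths; the shotgun parser returns a plausible-looking Message for all of them, which in a memory-unsafe implementation is exactly where an over-read would occur.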


Security Projects

Some of these projects would be co-supervised with Patrick Green, CSO at ITS, St Andrews, and one with Prof Karen Renaud at Abertay. An email analyser: a script that extracts the URLs from emails. We get a lot of phishing emails, and for each one we have to extract the link manually and […]
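As an added starting point for the email analyser (example code written for this page, not the project's own), the block below parses a raw message with Python's standard email module, pulls URLs out of both the text/plain and text/html parts, and flags the case phishing mail relies on: anchor text that looks like one site while the href points at another. The sample message is constructed for the demonstration (the .example domains are reserved and do not exist), and the defanging convention (hxxp, [.]) is a common analyst habit, not anything the page prescribes.

```python
import re
from email import policy
from email.parser import BytesParser
from html.parser import HTMLParser
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"')\]]+", re.IGNORECASE)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from every <a> in an HTML part."""

    def __init__(self) -> None:
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url: str) -> str:
    return (urlsplit(url).hostname or "").lower()


def defang(url: str) -> str:
    """Make a URL safe to paste into a ticket: hxxp scheme and bracketed dots."""
    return url.replace("http", "hxxp", 1).replace(".", "[.]")


def extract_urls(raw: bytes):
    """Return ({url: set of places it was seen}, [(anchor text, href) mismatches])."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    found, mismatches = {}, []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype not in ("text/plain", "text/html"):
            continue
        body = part.get_content()
        for url in URL_RE.findall(body):
            found.setdefault(url, set()).add(ctype)
        if ctype == "text/html":
            collector = LinkCollector()
            collector.feed(body)
            for href, text in collector.links:
                if not href:
                    continue
                found.setdefault(href, set()).add("href")
                # Anchor text that is itself a URL but resolves to a different
                # host than the href is the classic look-alike link.
                shown = URL_RE.search(text)
                if shown and host_of(shown.group()) != host_of(href):
                    mismatches.append((text, href))
    return found, mismatches


# Constructed sample phishing message for the demonstration (not a real email).
SAMPLE_EML = b"""\
From: "IT Helpdesk" <helpdesk@mail.evil.example>
To: staff@uni.example
Subject: Action required: password expiry
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="sep"

--sep
Content-Type: text/plain; charset="utf-8"

Your password expires today. Renew at http://login.evil.example/verify?u=staff

--sep
Content-Type: text/html; charset="utf-8"

<html><body><p>Your password expires today.</p>
<p>Renew at <a href="http://login.evil.example/verify?u=staff">https://portal.uni.example/password</a></p>
</body></html>
--sep--
"""

if __name__ == "__main__":
    urls, bad = extract_urls(SAMPLE_EML)
    for url, where in urls.items():
        print(defang(url), sorted(where))
    for text, href in bad:
        print("MISMATCH: shows", defang(text), "but goes to", defang(href))
```

Reading .eml files from disk is a matter of `extract_urls(open(path, "rb").read())`; the function deliberately returns data rather than printing so the same logic can feed a ticketing system or a blocklist later.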


Intrusion Detection with Data Mining and AI.

This project is joint between myself and Patrick Green, the CSO in IT Services. Essentially we have data on vulnerabilities and threats from OSINT, OSVDB, NIST databases etc., but these are constantly updated. So this is either a data-mining problem (finding trends) or an AI problem (detecting changes in the threats recorded in these databases). A system would […]


Intrusion Detection Data Set Analysis

Using the UNB (University of New Brunswick) IDS data set, some analysis of the normal and attack data can be done using PCA, randomForest, SVM etc. However, one of the major issues is that the data is imbalanced (attack records are a small minority), so some work on rebalancing may be of use when categorising features of the data. For […]
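As an added illustration of why the imbalance matters and what rebalancing looks like (example code written for this page, not part of the project or of the UNB data set), the block below builds a constructed stand-in for flow records with a 50:1 normal-to-attack ratio, shows that a classifier which never predicts "attack" still scores about 98% accuracy while catching nothing, and implements stratified splitting plus random over- and under-sampling in pure Python. The feature values, class sizes and the 25% hold-out are assumptions for the demonstration; the one design rule worth keeping is that resampling is applied to the training split only, so the test set keeps the real class prior.

```python
import random
from collections import Counter

NORMAL, ATTACK = "normal", "attack"


def make_dataset(n_normal=2000, n_attack=40, seed=0):
    """Constructed stand-in for flow records: (bytes, packets, duration) per flow."""
    rng = random.Random(seed)
    X, y = [], []
    for _ in range(n_normal):
        X.append((rng.gauss(600, 150), rng.gauss(12, 4), rng.gauss(2.0, 0.8)))
        y.append(NORMAL)
    for _ in range(n_attack):
        X.append((rng.gauss(5000, 800), rng.gauss(300, 60), rng.gauss(0.3, 0.1)))
        y.append(ATTACK)
    return X, y


def class_counts(y):
    return dict(Counter(y))


def stratified_split(X, y, test_frac=0.25, seed=0):
    """Hold out the same fraction of every class so the test set keeps the real prior."""
    rng = random.Random(seed)
    test_idx = set()
    for label in sorted(set(y)):
        idx = [i for i, lab in enumerate(y) if lab == label]
        rng.shuffle(idx)
        test_idx.update(idx[:round(len(idx) * test_frac)])
    train = [i for i in range(len(y)) if i not in test_idx]
    test = sorted(test_idx)
    return ([X[i] for i in train], [y[i] for i in train],
            [X[i] for i in test], [y[i] for i in test])


def random_oversample(X, y, seed=0):
    """Draw minority rows with replacement until every class matches the largest."""
    rng = random.Random(seed)
    counts = Counter(y)
    target = max(counts.values())
    Xo, yo = list(X), list(y)
    for label in sorted(counts):
        rows = [X[i] for i, lab in enumerate(y) if lab == label]
        for _ in range(target - counts[label]):
            Xo.append(rng.choice(rows))
            yo.append(label)
    return Xo, yo


def random_undersample(X, y, seed=0):
    """Keep only as many rows of each class as the smallest class has."""
    rng = random.Random(seed)
    target = min(Counter(y).values())
    Xu, yu = [], []
    for label in sorted(set(y)):
        idx = [i for i, lab in enumerate(y) if lab == label]
        rng.shuffle(idx)
        for i in idx[:target]:
            Xu.append(X[i])
            yu.append(y[i])
    return Xu, yu


def accuracy(y_true, y_pred):
    return sum(t == p for t, p in zip(y_true, y_pred)) / len(y_true)


def recall(y_true, y_pred, positive):
    """Fraction of the positive class that was actually detected."""
    hits = sum(1 for t, p in zip(y_true, y_pred) if t == positive and p == positive)
    total = sum(1 for t in y_true if t == positive)
    return hits / total if total else 0.0


def balanced_accuracy(y_true, y_pred):
    """Mean per-class recall: immune to the majority-class shortcut."""
    labels = sorted(set(y_true))
    return sum(recall(y_true, y_pred, lab) for lab in labels) / len(labels)


if __name__ == "__main__":
    X, y = make_dataset()
    Xtr, ytr, Xte, yte = stratified_split(X, y)
    always_normal = [NORMAL] * len(yte)
    print("test prior:", class_counts(yte))
    print("accuracy of 'always normal':", round(accuracy(yte, always_normal), 3))
    print("attack recall:", recall(yte, always_normal, ATTACK),
          "balanced accuracy:", balanced_accuracy(yte, always_normal))
    print("oversampled train:", class_counts(random_oversample(Xtr, ytr)[1]))
    print("undersampled train:", class_counts(random_undersample(Xtr, ytr)[1]))
```

Whichever model is then fitted (randomForest, SVM or a PCA-reduced version of either), report attack recall and balanced accuracy on the untouched test split; plain accuracy on data this skewed says almost nothing about detection.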
