Security Data Analytics — Session 09 — Future Research Directions
*** This material is session 9 from the previous Security Data Analytics and Visualisation course that I led at UWE until 2024. It is now shared for reference purposes. ***
We have covered a lot of ground through this course, from the initial ideas around cyber security analytics, through to managing workflows, machine learning and visualisation, and different applications of analysis that may be required. Of course, future research will continue to evolve and we will see greater uses of data analytics to understand the world around us and how best to secure this.
Visualisation for Cyber Security
The IEEE VizSec conference started in 2004 as the Workshop on Visualization and Data Mining for Computer Security, a co-located event within the IEEE Vis conference, which is one of the largest international conferences on the topic of data visualisation. The conference is still an integral part of IEEE Vis, and continues to attract high-quality research publications. You can find more details about VizSec at https://vizsec.org/. There is also an online proceedings browser available at https://vizsec.dbvis.de/.
Future of Data Analytics in Cyber Security
Here is just a small sample of articles and further reading that relate to the use of Machine Learning and Data Analytics for Cyber Security, ranging across Connected Autonomous Vehicles, HealthTech, and Industrial IoT — 3 key areas that are seeing significant impact from ML and data analytics, and that will play an important role within society in our future.
Yet more resources
- Infosec Jupyterthon: A 2 day online workshop for all things Jupyter and how this can be used for InfoSec. With many contributors including speakers from Microsoft, this is a fantastic resource.
- MyBinder: Turns a GitHub repo into an interactive notebook environment for code reproducibility.
- GitHub: Online code hosting repositories — over 11 million Jupyter notebooks hosted on GitHub currently.
- Open Threat Research Forge
- Bloodhound Notebooks: Notebooks created to attack and secure Active Directory environments.
- Security Datasets: The Security Datasets project is an open-source initiative that contributes malicious and benign datasets, from different platforms, to the infosec community to expedite data analysis and threat research.
- ThreatHunter-Playbook
- Canadian Institute for Cybersecurity — Datasets: An excellent data repository with related academic papers
Further Reading
- Peter Hall, Claude Heath, Lizzie Coles-Kemp, Critical visualization: a case for rethinking how we visualize risk and security, Journal of Cybersecurity, Volume 1, Issue 1, September 2015, Pages 93–108, https://doi.org/10.1093/cybsec/tyv004
- Daniel W. Woods and Rainer Böhme. Systematization of Knowledge: Quantifying Cyber Risk
- Aouedi, O., Piamrat, K., Hamma, S. et al. Network traffic analysis using machine learning: an unsupervised approach to understand and slice your network. Ann. Telecommun. (2021). https://doi.org/10.1007/s12243-021-00889-1
- M. A. Ayub, W. A. Johnson, D. A. Talbert and A. Siraj, “Model Evasion Attack on Intrusion Detection Systems using Adversarial Machine Learning,” 2020 54th Annual Conference on Information Sciences and Systems (CISS), 2020, pp. 1–6, doi: 10.1109/CISS48834.2020.1570617116.
- Canadian Research Institute for Cybersecurity Datasets
- Markus Ring, Sarah Wunderlich, Deniz Scheuring, Dieter Landes, Andreas Hotho. A survey of network-based intrusion detection data sets
