Event

PhD Defense: Ensemble Learning for Anomaly Detection with applications for Cybersecurity and Telecommunications

  • Speaker  Georgios Kaiafas

  • Location

    LU

Please click on this link to both register and connect on the day of the event.

Members of the defense committee:

  • Prof. Dr. Holger Voos, University of Luxembourg, Chairman
  • A-Prof. Dr. Sotiris Kotsiantis, University of Patras, Greece, Deputy Chairman
  • A-Prof. Dr. Radu State, University of Luxembourg, Supervisor
  • Dr. Sofiane Lagraa, University of Luxembourg, Member
  • Prof. Dr. Petko Valtchev, University of Quebec, Montreal, Canada, Member

Abstract:

Nowadays, cyber and telecommunication criminal activities are becoming more sophisticated and hazardous. Often, adversaries form large teams composed of hundreds of highly skilled members to raise the level of sophistication and perform well-organized attacks. As such, enterprises face enormous difficulties in detecting such attacks, and this is confirmed by several studies. The lateral movement attack is a stealthy, persistent and well-organized attack that mainly targets organizations and institutions to exfiltrate sensitive and valuable data. In addition, in the telecommunication industry, PBX fraud activities that allow adversaries to make free calls and gain financial benefit are a matter of major concern to enterprises.

In this thesis, we develop innovative ensemble learning methods to better detect the lateral movement attack and PBX fraud activities. Our contribution is threefold. First, we propose a supervised and an automatic semi-supervised approach based on ensemble learning to detect all the activities related to the lateral movement attack. Then, we present how to detect PBX fraud activities by developing approaches based on unsupervised learning coupled with ensemble learning. Finally, we propose a one-class classification method coupled with ensemble learning that learns unsupervised representations to improve the detection rate of several anomaly detection problems.

 

Our experimental datasets, extracted from well-known institutions where privacy and confidentiality were ensured, support our contributions. In addition, real-life enterprise data, provided by POST Luxembourg, were extracted to address the problem of detecting PBX fraud activities. In this thesis, we provide the motivations for our anomaly detection research project, describe the theory employed to improve state-of-the-art approaches and quantitatively evaluate our methodologies.