Category Archives: Publication

Statistical Evaluation of Artificial Intelligence-Based Intrusion Detection System

Training neural networks with captured real-world network data may fail to ascertain whether or not the network architecture is capable of learning the types of correlations expected to be present in real data. In this paper we outline a statistical model aimed at assessing the learning capability of a neural network-based intrusion detection system. We explore […]

JAMK High Performance Computing

JAMK has two Data Analytics projects funded by the European Regional Development Fund (ERDF): New Business Innovations from Data Analytics and Information Secure R&D-environment for Data Analytics. The focus of the Information Secure R&D environment for Data Analytics project is on implementing the needed investments in order to plan, build and deploy an integrated, information secure […]

A Design Model for a Degree Programme in Cyber Security

The need for a skillful cyber security workforce has increased dramatically during the last ten years. The contents of the degree programmes have not been able to respond to this need adequately and the curriculum contents have not always met the industry’s knowledge needs. In this paper, we describe a model for designing a degree programme […]

Network Anomaly Detection Based on WaveNet

The increasing number of attacks and intrusions against networked systems and data networks requires sensor capability. Data in modern networks, including the Internet, is often encrypted, making classical traffic analysis complicated. In this study, we detect anomalies from encrypted network traffic by developing an anomaly-based network intrusion detection system applying neural networks based on the […]

Pedagogical Aspects of Cyber Security Exercises

Cyber security exercises (CSE) are complex learning experiences aimed at developing expert knowledge and competence through simulation. In this paper we examine pedagogical issues relating to CSEs, from exercise design to training results and evaluation. In addition, we present a Deliberate Practice-oriented view on expert and competence development for CSEs. We use data gathered […]

Requirements for Training and Evaluation Dataset of Network and Host Intrusion Detection System

In the cyber domain, situational awareness of the critical assets is extremely important. For achieving comprehensive situational awareness, accurate sensor information is required. An important branch of sensors are Intrusion Detection Systems (IDS), especially anomaly-based intrusion detection systems applying artificial intelligence or machine learning for anomaly detection. This millennium has seen the transformation of […]

Anomaly-Based Network Intrusion Detection Using Wavelets and Adversarial Autoencoders

The number of intrusions and attacks against data networks and networked systems increases constantly, while encryption has made it more difficult to inspect network traffic and classify it as malicious. In this paper, an anomaly-based intrusion detection system using Haar wavelet transforms in combination with an adversarial autoencoder was developed for detecting malicious TLS-encrypted Internet traffic. […]

Blue Team Communication and Reporting for Enhancing Situational Awareness from White Team Perspective in Cyber Security Exercises

Cyber security exercises allow individuals and organisations to train and test their skills in complex cyber attack situations. In order to effectively organise and conduct such an exercise, the exercise control team must have accurate situational awareness of the exercise teams. In this paper, the communication patterns collected during a large-scale cyber exercise, and their possible […]

On Application-Layer DDoS Attack Detection in High-Speed Encrypted Networks

Application-layer denial-of-service attacks have become a serious threat to modern high-speed computer networks and systems. Unlike network-layer attacks, application-layer attacks can be performed by using legitimate requests from legitimately connected network machines, which makes these attacks undetectable by signature-based intrusion detection systems. Moreover, the attacks may utilize protocols that encrypt the data of network connections […]

Weighted Fuzzy Clustering for Online Detection of Application DDoS Attacks in Encrypted Network Traffic

Distributed denial-of-service (DDoS) attacks are one of the most serious threats to today’s high-speed networks. These attacks can quickly incapacitate a targeted business, costing victims millions of dollars in lost revenue and productivity. In this paper, we present a novel method which allows us to timely detect application-layer DDoS attacks that utilize encrypted protocols by […]