Provenance-based Forensic and Incident Analysis

Lead Research Organisation: University of Bristol

Department Name: Computer Science

Abstract

This research aims to develop AI based techniques for detecting and interpreting cyberattacks using provenance graphs. Recent work has shown the effectiveness of graph-based machine learning models at detecting attacks in provenance data. However, provenance graphs are extremely complex and thus detected attacks remain difficult to interpret by humans. Therefore, this project will investigate and develop explainable and interpretable machine learning methods for helping humans understand, for example, where an attack originated from, the steps involved in the attack, and the impact of the attack.

Student:

Priyanka Keshav Badva

Period of Study:

Sep 19 - Sep 23

Funder:

EPSRC

Project Status:

Active

Project Category:

Studentship

Project Reference:

2280675

Research Topic:

Unclassified

Organisations

University of Bristol, United Kingdom (Lead Research Organisation)

People	ORCID iD
Ryan McConville (Primary Supervisor)	http://orcid.org/0000-0002-7708-3110
Priyanka Keshav Badva (Student)

Publications

Author Name

Title Publication Date Published

10 25 50

Studentship Projects

Project Reference	Relationship	Related To	Start	End	Student Name
EP/S022465/1			01/04/2019	30/09/2027
2280675	Studentship	EP/S022465/1	23/09/2019	30/09/2023	Priyanka Keshav Badva

Abstract

Organisations

People

ORCID iD

Publications

Studentship Projects