Adversarially Robust Decision Trees Against User-Specified Threat Models

In the present day we use machine learning for sensitive tasks that require models to be both understandable and robust. Although traditional models such as decision trees are understandable, they suffer from adversarial attacks. When a decision tree is used to differentiate between a user's benign and malicious behavior, an adversarial attack...

Runtime analysis of Android apps based on their behaviour

In the modern world, Smartphones are everywhere and Android is the most used operating system. <br/>To protect these devices against malicious actions, the behaviour of Android apps needs to be studied.<br/><br/>Current tooling does not provide complete insight into the behaviour of an Android app.<br/>A tool was built to observe what goes on...

Anomaly detection and diagnosis in ASML event log using attentional LSTM network

In the ASML test system, all activity events of the test are continuously recorded in event logs, and these logs are intended to help people diagnose the root cause of a failure. However, due to the large scale of the logs, manual inspection of these logs consumes lots of effort and time, and the lack of expert knowledge of engineers makes the...

Identifying Anomalous Transitions in SIP Traffic: Using PDFA State Merging

The analysis of lawfully intercepted traffic is a key part of many investigations of criminal activity. This makes it vitally important that the intercepted data is correct and that issues with the configuration of the network or interception solution do not contain errors. A late discovery of a problem in either the network setup or the traffic...

Log Differencing using State Machines for Anomaly Detection

Huge amounts of log data are generated every day by software. These data contain valuable information about the behavior and the health of the system, which is rarely exploited, because of their volume and unstructured nature. Manually going through log files is a time-consuming and labor-intensive procedure for developers. Nonetheless logging...

Behaviour Modelling and Anomaly Detection in Smart-Home IoT Devices

The usage of Internet of Things (IoT) devices has been exponentially increasing and their security is often overlooked. Hackers exploit the vulnerabilities present to perform large scale attacks as well as to obtain privacy-sensitive information. Resource constraints combined with a lack of incentives for manufacturers makes it harder to...

Learning State Machines from data streams and an application in network-based threat detection

Our increasingly interconnected society poses large risks in terms of cyber security. With network traffic volumes increasing and systems becoming more connected, maintaining visibility on IT networks is a challenging yet important task. In recent years the number of cyber threats have increased dramatically. Monitoring and threat detection are...

A Robust Solution to Train Shunting using Decision Trees

This research tackles the Train Unit Shunting Problem (TUSP) in train maintenance service sites. Many researches focus on producing feasible solutions, but only a few of them concentrate on the robustness of solutions. In reality, it is preferred to generate robust plans against unpredictable disturbances. Besides, the approach is expected to...

Solving Train Maintenance Scheduling Problem with Neural Networks and Tree Search

The Train Maintenance Scheduling Problem (TMSP) is a real-world problem that aims at complete maintenance tasks of trains by scheduling their activities on a service site. Common methods of constructing optimal solutions to this problem are difficult as the problem consists of several highly-related sub-problems. Currently, NS is using a lo- cal...

Predicting vulnerable files by using machine learning method

Web applications have been gaining increased popularity around the globe, in such a way that a growing number of users are attracted to make use of the functionality and information provided by these applications. While providing solutions to complicated problems in a fast and reliable way is one of the most advantages of using web applications,...

Project Mapyen: A network analysis tool to identify anomalous host behaviours

The evolution of the cyber threat landscape drives companies towards state-of-the-art security monitoring techniques. Adyen, a payment service provider company, has both legal and moral obligations to perform security monitoring within the company to remain an ethical and sustainable business. The challenge is to uncover a well-founded solution...

Vulnerability Detection in Mobile Applications Using State Machine Modeling

Mobile applications play a critical role in modern society. Although mobile apps are widely adopted, everyday news shows that the applications often contain severe security vulnerabilities. Recent work indicates that state machine learning has proven to be an effective method for vulnerability detection in software implementations. The state...