Traffic Anomaly Analysis over Enterprise Networks
Zhijiang Chen
May 18th, 1:00 pm – 2:00 pm
Conference Room – YR 459
Dept. of Computer and Information Sciences, Towson University
Dissertation Committee:
Wei Yu (Chair), Chao Lu, Alexander Wijesinha, and Michael McGuire
An enterprise network is an information communication network that connects computers and related devices across working groups and departments, facilitating data accessibility and sharing. Nonetheless, the unyielding trend of increasing cyber threats has made cybersecurity paramount in protecting personal and private intellectual property on enterprise networks. In this dissertation research, we aim to provide a secure and efficient operating environment for the high-volume data streams associated with traffic and threat analysis on enterprise networks. First, we develop a streaming-based threat monitoring and detection system that rapidly analyzes highly intensive network traffic data in real time and uses streaming-based clustering algorithms to detect abnormal network activities. Second, we develop a cloud computing-based framework to assist network traffic monitoring and threat detection, achieving better analysis performance and making critical infrastructure within enterprise networks secure. Lastly, we investigate the scalability of the system by leveraging the concept of edge computing.