KEYWORD |
TNG
Machine Learning for Automated Network Security Log Analysis
Parole chiave CYBERSECURITY, DATA SCIENCE, LANGUAGE MODELS, MACHINE LEARNING, NETWORKS, NLP
Riferimenti MARCO MELLIA, LUCA VASSIO
Gruppi di ricerca DATABASE AND DATA MINING GROUP - DBDM, SmartData@PoliTO, Telecommunication Networks Group
Descrizione Network security analysts are a key component of an organization's defence infrastructure. They continuously and manually analyze security alarms and logs to make decisions about undesired intrusions.
Large Language Models (LLMs) and Machine Learning at large demonstrated huge potential in processing texts. The research will investigate and evaluate the capabilities of LLM agents in automating the manual investigations of the security analyst. This would assist them in analysis and incident reporting.
We will consider using LLMs to automatically analyse logs collected by honeypots and packet traces collected from live networks to derive useful information for the security analysis of incidents.
The thesis requires solid programming skills and the fundamentals of machine learning. A knowledge on LLM would be useful but not mandatory.
Conoscenze richieste - Good programming skills (such as Python and Spark)
- Machine Learning knowledge (such as Torch, Tensorflow)
- Basics of NLP
- Basics of Networking and security
Note Possible graduation prize of 2000 euros.
A GPA of at least 27/30 is requested.
Scadenza validita proposta 12/01/2025
PROPONI LA TUA CANDIDATURA