Ongoing

Federated Learning for Network Security

Federated Learning for Network Security

Student: Pavel Janata

Abstract: The goal is to research and develop a distributed and federated learning architecture for better protection of computers by training a ML model on network attacks. The work includes the migration of current algorithms into the network security problem, then to research variations or new model to address the specific problems of security, then to implement it inside the Slips IDS system.

Global permissionless P2P system for sharing distributed threat intelligence

Global permissionless P2P system for sharing distributed threat intelligence

Student: Martin Řepa

Abstract: The goal of this thesis is to design and implement a global peer to peer networking system to allow reliable, secure and confidential sharing of distributed threat intelligence data using the libp2p project. Unlike standard P2P networks, the system will allow peers to be members of trusted groups to minimise the risk of being targeted by malicious actors.

Messaging protocols shall be designed along with peer discovery and peer routing techniques while utilising peers’ reliability which is assumed to be dynamically computed by a blackbox trust model. The work will incorporate theoretical discussion and if possible practical experiments about its mitigation of known P2P network attacks. Finally, the implementation will be integrated into Stratosphere Linux intrusion prevention system (SLIPS) to allow sharing data with other SLIPS instances.

Detection of computational propaganda according to its spread on the Internet

Detection of computational propaganda according to its spread on the Internet

Student: Ondřej Bouček

Abstract: The goal of this thesis is to test whether it is possible to detect the distribution of computational propaganda by tracking the spread of an article through the Internet. The student will develop and improve the searching tool developed by Stratosphere Laboratory to find which web pages are linking and referencing an article. Then a graph representation of an article distribution found by the searching tool will be created. Next, he must collect a data set of propaganda and non-propaganda URLs. Lastly, the student shall develop various machine learning models to test whether it is possible to detect propaganda using the graph representation approach.

Trust Model for Global Peer-To-Peer Intrusion Prevention System

Trust Model for Global Peer-To-Peer Intrusion Prevention System

Student: Lukas Forst

Abstract: The goal is to design and implement a trust model for distributed multi-agent environments of intrusion prevention systems (IPS). One IPS is the Stratosphere Linux IPS (Slips)[6] which will have a globally distributed peer-to-peer system. With this capability and the fact that peer-to-peer systems are permission-less, Slips determines how much can trust the data from other peers. We aim to solve this challenge and design and implement a trust model as a Slips module. The trust model should be able to evaluate the behavior of other Slips agents (which can also be acting as malicious actors) in a global peer-to-peer data sharing network and compute a trust value. The question that we want to answer is “how much can the local system trust the data coming from the said global peer?”.

The student will analyze different trust models and options to attack them. A new trust model that uses data from Slips will be proposed, and its performance will be evaluated. Finally, the model will be implemented as a module inside Slips and will enable sharing said network data with other nodes running Slips.