The statistical cyber-security group are developing data science techniques that enable large dynamic computer networks to identify intrusions and anomalous behaviour and therefore protect against cyber-attacks and fraudulent activity. Using statistical methodology, machine learning and Big Data analytics the group develop tools to perform scalable anomaly detection in high volume data streams such as social networks, telecoms networks, network flow data, host-based sensor process-level data, cyber-physical and IoT data, pinpointing deviations from normal behaviour.

Statistical techniques which have been so far been deployed include classification, data mining, streaming data analysis, cluster analysis, change point detection, graph analysis, topic modelling, penalised regression analysis, and machine learning. All of the work is motivated from real computer-network and internet data, with active government and industrial collaborators that include the Government’s National Cyber Security Centre, Los Alamos National Laboratory, QinetiQ, the Heilbronn Institute for Mathematical Research and Crossword Cybersecurity.

Researchers involved