Network Attack Impact Analysis and Counter Measure Deployment via the Application of Behavioural Engines

University of Glamorgan - Faculty of Advanced Technology
Programme of Research:

Behavioural engines are a new and more effective approach than the traditional, large, rule-based engines. In particular they are far more effective at eliciting tacit knowledge and maintaining internal self-consistency, which in turn produces a system that is easier to adapt as systems change. This makes behavioural engines an attractive proposition for analysing CNA, as attacks are becoming more complex and are continually adapting. However the application of such engines to this area has not been researched. Instead basic rule-based systems is the nearest available technology.

The aim of this PhD project is to research the basic methods by which such engines can be applied and based on the best of those methods examine the feasibility of real-time computer network attack impact assessment and response being performed via the application and extension of a multi-attributed based heuristic behavioural engine.

This PhD project will seek to create a system that is capable of receiving computer network defence and computer network management data in real time and perform an impact analysis calculation of for the selection and deployment of a policy driven security countermeasure via the Application of Behavioural Engines. Thus the goals are:

•To extend the core behavioural engine to support the policy-directed assimilation and analysis of multiple data sources across multiple security domains.
•To utilize a policy engine for the selection and deployment of security countermeasures across multiple security domains.
•To validate the feasibility of such an approach will via the construction and execution of a proof of concepts demonstrator.
Please note: the studentship is open to persons holding UK/EU passports only.

Applications are invited, from highly motivated individuals with a good first degree in a computing related degree (2.1 or higher), for a full-time PhD position in the Faculty of Advanced Technology at the University of Glamorgan. Relevant subject expertise in computer network attack / computer network defence / behavioural engines would be beneficial, but not required. The student will be required to undergo a UK government security check.

A bursary amount of £13,290 (tax free) and UK/EU fees will be paid.

The closing date for applications is 19th February 2010 and interviews will be held on week beginning 22nd February 2010.

Contact details
Name: Dr. Huw Read
Address: Faculty of Advanced Technology, University of Glamorgan, CF37 1DL
Telephone: 01443 654287
Email: isrg [at] (replace [at] with @)

Original reference: