The School of Computer Science at the University of Windsor is pleased to present...
Technical Workshop Presentation by: Yaser Baseri - Cybersecurity Research and Development Team Lead
DNS User Profiling and Risk Assessment: A Learning Approach
Company Name: Canadian Institute for Cybersecurity
Date: Tuesday, November 22nd, 2022
Time: 12:00 pm – 1:00 pm
Location: 4th Floor (Workshop space) at 300 Ouellette Avenue (School of Computer Science Advanced Computing Hub)
LATECOMERS WILL NOT BE ADMITTED once the presentation has begun.
Nowadays, user profiling is essential in many aspects of the web, in collecting personal information to obtain knowledge. and provide user-specific recommendations and analysis. Social media companies like Twitter, Facebook, Instagram, and LinkedIn commonly collect data related to users’ browsing activities, and their interests, characteristics, preferences, and willingness. Such profiling is a rich resource of data, which can be used to analyze user behaviours, detect anomalous users, and assess risks. In this paper, we propose a DNS user profiling approach to evaluate the risk associated with users’ domain-browsing activities and provide a proactive approach to minimize the risks and threats imposed by them on different domains. The risk profiling approach extracts information related to the domains accessed by users from DNS servers, uses the new graph-based learning mechanism, which is proposed here, and assigns the risk associated with users and domains. To evaluate our risk profiling approach, we extract real data related to DNS queries of Canadian internet users sent to access different domains. The extracted dataset contains DNS query logs including DNS queries requested by users to access domains and the responses they received along with blacklisted high-risk domains. The approach generates a domain similarity graph representing the threat similarities between different domains requested by users. Our graph-based risk assessment approach makes a user profile for each user, based on their activities, and generates a scoring mechanism that aids in analyzing malicious behaviours, scoring associated risks, and detecting the level of security threats imposed by users. Graph-based machine learning and its application in cybersecurity
Prerequisites:
Network general information
Yaser Baseri is a cybersecurity research and development team lead at Canadian Institute for Cybersecurity (CIC), Fredericton, NB, Canada. He obtained his Ph.D. in computer science from the University of Montreal, Canada (2018). He has been a research fellow with an inter-university research center on enterprise networks, logistics and transport (CIRRELT). He was also a research assistant with the Institute of Electronics Research, Sharif University of Technology, Iran. He has been leading/collaborating on several projects including "Post Quantum Cryptography" with Scotiabank, ”Privacy-Preserving Information Sharing” with RBC, ”Secure Access Control in Mobile Cloud” with Natural Sciences and Engineering Research Council of Canada (NSERC), ”Cyber Threat Analytics Data Visualization and Presentation \& Dark Space Analysis for Threat Identification” with Bell and ”Digital Forensics for Smart Grid” with Siemens.