Natasha Niemann | Naval Postgraduate School

Natasha Niemann

Papers by Natasha Niemann

Machine Learning Techniques for Identifying Anomalous Network Traffic

Using Machine Learning to Predict the Insider Threat in a Network Environment

In the past, cybersecurity professionals relied upon Security Event and Information Management systems to ingest network, server, and host logs to assist in detecting suspicious and malicious activity in the network. Detecting threat activities also included manually inspecting packet captures to glean clues of nefarious activity. Our research involves machine learning. We developed a model that observes the packet headers’ characteristics when a user accessed a remote file server. Data sets were introduced and host-server configurations were used to determine if our classification model was consistent in identifying file access behavior. We were able to predict and classify file access behavior, such as uploading, downloading, deleting, and moving files on a file server, based upon using headers. The results from deriving the classifications were similar when using different host-server configurations and files. Our research demonstrated potential avenues to study file access behav...
