In this talk, we will discuss theory and algorithms for detecting weak, distributed patterns in computer network data. Our focus is on detecting weak patterns in computer networks where the nodes (terminals, routers, servers, etc.) are sensors that provide measurements (of packet rates, user activity, CPU usage, IDS logs, etc.). In particular, we use robust principal component analysis to detect distributed patterns that are not discernible at the level of individual sensors. Robust principal component analysis is an extension of classic principal component analysis that aims to recover low dimensional subspaces corrupted by sparse outliers, and in this talk, we will demonstrate that such methods, when properly phrased, hold promise for anomaly detection during cyber network attacks. The approaches we propose are applicable to many other types of sensor networks including wireless networks, mobile sensor networks, and social networks where anomalous phenomena are of interest.
Randy Paffenroth graduated from Boston University with degrees in both mathematics and computer science and he was awarded his Ph.D. in Applied Mathematics from the University of Maryland in June of 1999. After attaining his Ph.D., Dr. Paffenroth spent seven years as a Staff Scientist in Applied and Computational Mathematics at the California Institute of Technology. In 2006 he joined Numerica Corporation where he held the position of Computational Scientist and Program Director. Dr. Paffenroth is currently an Associate Professor of Mathematical Sciences and Associate Professor of Computer Science at Worcester Polytechnic Institute where his focus is on the WPI Data Science Program. His current technical interests include machine learning, signal processing, large-scale data analytics, compressed sensing, and the interaction between mathematics, computer science, and software engineering, with a focus on applications in cyber-defense.