||Anomaly detection in multi-layer networks
This project combines concepts from complex network science and cyber-security. Modern infrastructure is built as a network of networks. For example, the Internet depends on access to the power grid, which in turn depends on the power-grid communication network and the energy production network. Research in network anomaly detection systems has focused on single network structures (specifically, the Internet as a single network). The multi-layer structure, though, introduces novel phenomena and calls for new approaches. In this project, the student will study the behavior of existing distributed anomaly detection algorithms in a multi-layer structure.
- Week 1:
- This week, I attended orientation and met with my mentors to discuss the project and my role. During the week, I reviewed the project proposal. I read about related topics to get a better overall understanding of the research. I also began to work on my first presentation.
- Week 2:
- This week, I had a presentation on Monday. I presented a PowerPoint, which included details on the project, my role, my mentors, and my goals. Throughout the rest of the week, I began to learn programming in Python and I started teaching myself how to use Linux. I looked at the already existing code for anomaly detection with postdoctoral associate Gonzalo Suarez.
- Week 3:
- This week, I have continued learning Python and Linux. I finished learning most of the Linux basics, so I focused mostly on Python. On Friday, I started to look at the existing code again. I am going to work on creating a network myself. After I do this, I will start to create graphs of the networks based on the number of neighbors.
- Week 4:
- This week, I have been editing the existing code and analyzing the statistics of the number of neighbors per node. I tried graphing the statistics in a histogram, but was getting slightly off results. It turns out that I wasn't using a big enough sample size, but that was because I was just manually typing in the results into Google Sheets. I am now working on producing a histogram in Python so I can get automated results and use much larger sample sizes.
- Week 5:
- This week, I was working on plotting some graphs. I was able to get the correct sample sizes for the networks I created using the code. I was able to graph networks of size N = 100, 1000, 10000 and see how they got closer to a Poisson distribution as N increased. I then graphed a Poisson distribution with a mean of k = 6, just like the other three distributions, so I could easily compare all four graphs. I began looking into the traffic of a single node in a network, and started reading about things I saw in the code that I wasn't familiar with.
- Week 6:
- This week, I worked on creating multilayer networks and running simulations. Tracking the traffic of a single node in a network was put on hold for now. Instead, I am now going to create two layers of a square lattice network and adjust the connectivity and trust between the two layers. I will generate graphs to determine what other factors, besides trust, affect the accuracy of the algorithm. I will use this is my second presentation as well.
- Week 7:
- This week, I spent most of my time generating networks, making graphs, and comparisons. I worked with square lattice networks, so my conclusions from all the information are based on this kind of network. I was able to evaluate the relationships between trust, connectivity, and accuracy. This will prepare me well to start looking at Erdos Renyi networks as well. I presented all of my information on Friday. I first had to give a refresher on my project, and define things like multilayer networks, DDoS attacks, and more, but then was able to properly explain my research.
- Week 8:
- This week, I generated results from the perspective of an Erdos Renyi network. My results for my presentation were for square lattice networks, but my paper will focus on Erdos Renyi networks, so it was time to look at the results of the Erdos Renyi networks. I saw similarities in the results from the Erdos Renyi networks, when compared to square lattice networks. I began working on my final paper after analyzing the results.
- Week 9:
- This week, I spent most of my time writing and editing my paper. I looked more into networks, DDoS attacks, and other topics I had to introduce in my paper. All in all, I was very happy with my final paper, all of the help I received from my great mentors, and reflected on how much I have learned and gaine from this research experience.