Smart Cyber-Attack Detection and Mitigation in Critical Network Infrastructure

The project is a UK-Vietnam research collaboration on critical network infrastructure cyber-security. The upsurge in Vietnamese ICT adoption has surpassed the availability of qualified cyber-security experts, meaning that critical infrastructure networks (e.g. banking, government, transport and utilities) are at risk. This cyber-threat is a major challenge facing Vietnam, and has far-reaching consequences such as public safety, economic prosperity and societal trust.

This project aims to develop a new, effective and automation-focused solution to detect and eradicate cyber-attacks linked to network backbone devices within critical network infrastructure. This requires an exchange of knowledge and skills from LJMU, which are a UK-leading university specialising in critical infrastructure security and forensics, in collaboration with LQDTU, which are a leading technological university in Vietnam with specialisms in machine learning and large-scale simulation.

Prof Shi (LJMU) and Dr Tran (LQDTU) will jointly co-ordinate the project and develop a long-term strategic plan for future collaboration, through in-person meetings, memoranda and teleconferences. This will investigate and identify main cyber-security attacks against the network backbone in Vietnam. It will cover various issues, including identifying: reasons for network breaches, problematic security trends, persistent and common threats faced, commonly-targeted network architectures and typically deployed devices. This will be led by Dr Tran from LQDTU, who will collate information from discussions with LJMU and LQDTU research teams, and with UK and Vietnam-based industrial contacts.

Purpose: 

The project will focus on automating protection of network backbone devices (i.e. routers/switches). These devices typically fall outside common security protection because they are perceived as part of the network infrastructure with a low risk to cyber-threats. However, such devices are increasingly targeted by cyber-attacks that utilise growing functionalities powered by techniques such as software defined networks. Existing work is ineffective in tackling these attacks. Our developed solution will detect persistent threats (identified in WP2) targeting the network backbone (e.g. routing table poisoning) and malicious activities linked with such attacks (e.g. botnets), and mitigate their impacts, with much improved effectiveness. It will also focus on forensically-sound acquisition and preservation of evidence to support cybercrime investigations. 

The project team is working on devising:

1. Produce the solution based on machine learning using data aggregated from backbone devices.
2. Devise a context-aware approach for autonomously tracking and identifying devices with similar vulnerabilities to facilitate pro-active threat mitigation.
3. Develop a complimentary technique to record, report and disseminate the information on the detected malicious activities.

Did you know?

• Vietnam has one of the largest population to Internet-user ratios of any developing country.
• Vietnam is currently Asia’s 7th largest Internet-using country despite being its 17th largest population.
• Vietnam currently ranks 8th in the world for computer malware infections.

Project Aims:

• Develop novel and automation-focused solutions to identify cyber-threats targeting critical networks.
• Utilise cutting-edge deep-learning techniques to improve accuracy and reduce human dependency.
• Improve network backbone device protection and advanced persistent threat detection.

The novelty of this research is that there are currently no effective techniques specifically protecting network backbone devices within the network infrastructure. The proposed solution will create a new capability to rectify this problem. It will also facilitate existing localised network protection to proactively expand into the wide network infrastructure to provide much earlier, more effective and collaborative cyber-attack detection/prevention.

Project Targets:

• Exchange knowledge and skills between Liverpool John Moores University (UK) and Le Quy Don Technical University (Vietnam).
• Demonstrate solutions’ capabilities using real-world inspired case study.
• Enhance Vietnamese cyber-security research excellence capabilities.
• Contribute towards reducing economic and social losses caused by cyber-crime.

The project is funded by the Royal Academy of Engineering through the Newton Collaborative Fund.