IoT Thrust Seminar | AI-Powered Malicious Traffic Detection on Wide Area Networks
The machine learning (ML)-based malicious traffic detection system is an emerging security application that can capture advanced attacks based on traffic features. Over a decade of development, these systems have been tentatively deployed at the gateways of enterprise or laboratory networks. However, large-scale traffic detection, which aims to capture attacks among the Tb/s-scale traffic on wide area networks (WANs), has not yet been realized. In this report, we identified six challenges for applying ML-based traffic detection systems on WANs. Specifically, we built new systems to capture evasive, encrypted, and tunneled attack traffic. Meanwhile, we addressed the practicality issues of explainability, false-positive alarms, and efficiency by establishing theoretical frameworks and hardware platforms.
Kevin Chuanpu Fu is a fifth-year Ph.D. candidate co-advised by Prof. Xu Ke and Prof. Qi Li at the Department of Computer Science and Technology, Tsinghua University. His research focuses on network security and machine learning for security. Currently, he is a visiting scholar at Purdue University, mentored by Prof. Bertino, the Vice President of ACM.
To date, seven of his papers have been accepted at the four top-tier security conferences, as recommended by CS Ranking. His recent hardware paper earned the Distinguished Paper Award at Security’23. Owing to these publications, he has been awarded the National Scholarship twice.
Additionally, he has served as a reviewer for several publications, including IEEE/ACM ToN, IEEE TKDE, and IEEE EuroS&P. This year, USENIX Security awarded him the Distinguished Artifact Reviewer Award.