DNS General Anomaly Detection

Malicious DNS activities are precursor to larger cyber attacks. Therefore, the project under the name of DNS_GA_Detection aims to build an application which make use of a machine learning model to detect anomalies in DNS traffic and associate each datapoint flagged out to a specific cyber attack to reduce load on SOC Analysts. However, this project is not at a production stage yet and future improvements include but not limited to fully making use of unsupervised algorithms to improve model transferability. Last but not least, do take note that demo of the project cannot be shown due to a Non-disclosure Agreement with Singtel-Trustwave.


Gallery


Team Members

R&D Engineer
Aung Khant Moe
ISF
Carried out machine learning model testing and developed features such as DNS POV which uses historical trend to detect spikes in network traffic.