
2020

Real-Time Malware Threat Feed Analysis System

With the number of cyberattack cases constantly on the rise, more systems and networks are being breached.

Main Aim of the Project: 

  • In this project, cyber threat data is obtained and displayed on various dashboard visualisations in Splunk to perform malware classification, correlation, and reporting.

  • From the projections, security analysts will have a better understanding of an attack that has occurred.

  • With the information, they will be able to identify and deduce potential threats and carry out actions to prevent similar attacks from happening in the future.


Team Members: 

Cody Wong Shi Jie, Keith Kng Wei Xuan, Gan Ren Jie, Loo Zi Xiang

Supervisor:
Ms Mapel Yap
Team PPET

Threat Intelligence Using Machine Learning

Partner Organisation: RSA Security 

Manual classification of Indicators of Compromise (IOCs) in threat intelligence is unscalable and inefficient. This project aims to automate the classification of indicators and incidents through a combination of Machine Learning and Orchestrator Playbooks.

Automated System Solution: 

An automated system with machine learning is developed to assist in classifying IOCs as a security analyst would do manually.

It includes working with network captures and Security Information and Event Management (SIEM) software (MISP) to collect incidents, as well as a threat intelligence platform (RSA Netwitness® Orchestrator) for classification purposes.
 

Team Members: 
Grace Lim, Lin Li Yi

Supervisor:
Ms Mapel Yap
Team PPET

Baseline Analyser

Partner Organisation: RSM Risk Advisory Pte Ltd

IT auditors have to manually log in to the PCs to conduct a check on whether the settings match the company’s policies and best practices. As this is conducted annually, similar issues are usually raised during an audit in the following year. Although commercial tools are available to tackle this issue, they are simply too costly for Small and Medium Enterprises (SMEs).

Main Aim of Project: 

This project aims to develop scripts that allow an auditor to select hardening requirements from the best practices, perform the audit, and generate the necessary report(s). In addition, auditors can select between basic, intermediate, and advanced levels, or customise the hardening requirements, to perform an audit remotely.
 

Team Members: 
Danne Ziqcri B Mohammad Faizal, Ng Zheng Soon, Pang Jun En Javier, Wong Jun Wei

Supervisor:
Mr Derrick Wong
Team PPET

Cyber Combat CTF Training Platform

Cyber Combat CTF Training Platform leverages the Capture The Flag (CTF) concepts with gamified sets of challenges designed to help students and security professionals learn and practise their cybersecurity skills. The platform is also used in outreach for creating cybersecurity awareness. 

CTF Security-based Scenarios: 

In collaboration with our industry partner, IXIA, the training platform consists of CTF scenarios based on the latest security incidents.

These CTF scenarios involve hacking techniques against web applications and operating systems, as well as taking advantage of vulnerabilities, replicated in an isolated environment.
 

Team Members: 
Chen Xing Xing, Aloysius Yap Kay Hown, Goh Jia Ye

Supervisors:
Ms. Mapel Yap (Republic Polytechnic), Mr. Jay Krishna (IXIA)