Project introduction

The aim of the Hellhound AI project is to perform a detailed behavioral analysis of users of the study system of the Prague University of Economics and Business and to detect anomalies in their daily behavior using machine learning algorithms. The purpose of this analysis is to detect suspicious behavior by users whose login details have been compromised or who are themselves misusing the study system. The result will be a prototype system with artificial intelligence elements that is able to detect these anomalies on a daily basis. The challenge is not only to build a system for one-time detection of suspicious behavior; we would also like to build the ability to learn into the algorithm. The Hellhound AI project is designed so that other universities from all over the world can join in, collaborate to enhance it, and benefit from its deployment.

Team

Ing. Karel Šimeček, Ph.D.

  • SW Architect

Ing. Lukáš Švarc, Ph.D.

  • Senior AI analytics

Ing. Pavel Strnad, Ph.D.

  • Senior AI analytics

Tomáš Skřivan

  • Project Leader – VŠE

Ing. Matěj Kučera

  • SW Developer

Martin Charvát

  • SW Developer

 

Former participants:

Ing. Jaroslav Flégl

Ing. Tomáš Švarc

Ing. Jiří Zettel

Ing. Lukáš Sýkora

Bc. Jiří Mareš

Bc. Jakub Kříž

prof. Ing. Petr Berka, CSc.

prof. RNDr. Jiří Ivánek, CSc.

doc. Ing. Tomáš Kliegr, Ph.D.

Publications

2023

STRNAD, Pavel & ŠVARC, Lukáš. Synthetic Dataset Generator for Anomaly Detection in a University Environment [online]. In: Intelligent Data Analysis, vol. 27, no. 2, pp. 417-422, 2023. Available at: https://content.iospress.com/articles/intelligent-data-analysis/ida216511

 

2021

STRNAD, Pavel. Towards complex anomaly detection algorithms. In: Sborník prací účastníků vědeckého semináře doktorského studia Fakulty informatiky a statistiky VŠE – abstrakty [online]. Prague, 11.02.2021. Prague : Vysoká škola ekonomická v Praze, Nakladatelství Oeconomica, 2021, p. 10. ISBN 978-80-245-2410-8. Available at: https://fis.vse.cz/wp-content/uploads/page/7965/DD_FIS_2021_SBORNIK.pdf.

ŠVARC, Lukáš. Anomaly Detection Algorithms in University Environment. In: Sborník prací účastníků vědeckého semináře doktorského studia Fakulty informatiky a statistiky VŠE – abstrakty [online]. Prague, 11.02.2021. Prague : Vysoká škola ekonomická v Praze, Nakladatelství Oeconomica, 2021, pp. 12–13. ISBN 978-80-245-2410-8. Available at: https://fis.vse.cz/wp-content/uploads/page/7965/DD_FIS_2021_SBORNIK.pdf.

ŠVARC, Lukáš & STRNAD, Pavel. Automated Computer Attacks Detection in University Environment. 2021. In: Acta Informatica Pragensia [online]. ISSN 1805-4951. Available at: https://aip.vse.cz/corproof.php?tartkey=aip-000000-0164

ŠVARC, Lukáš, STRNAD, Pavel. A Comparison of Students Cheating in Computer Face-to-face and Online Examination. In: IDIMT-2021 Pandemics: Impacts, Strategies and Responses [online]. Kutná Hora, 01.09.2020 – 03.09.2020. Linz : Trauner Verlag, 2021, pp. 475–482. ISBN 978-3-99113-261-5. Available at: https://idimt.org/wp-content/uploads/2021/08/IDIMT-2021-proceedings.pdf.

 

2020

STRNAD, Pavel, ŠVARC, Lukáš. Benchmarking of anomaly detection algorithms on automated password attacks. In: IDIMT-2020 Digitalized Economy, Society and Information Management [online]. Kutná Hora, 02.09.2020 – 04.09.2020. Linz : Trauner Verlag, 2020, pp. 237–244. ISBN 978-3-99062-958-1. Available at: https://idimt.org/wp-content/uploads/2020/07/IDIMT_proceedings_2020.pdf.

SÝKORA, Lukáš, KLIEGR, Tomáš. Action Rules: Counterfactual Explanations in Python. In: RuleML+RR 2020 International Rule Challenge, Doctoral Consortium, and Industry Track [online]. Oslo, 29.06.2020 – 01.07.2020. Aachen : CEUR-WS, 2020, pp. 28–41. ISSN 1613-0073. Available at: http://ceur-ws.org/Vol-2644/paper36.pdf.

HAHSLER, Michael, JOHNSON, Ian, KLIEGR, Tomáš, KUCHAŘ, Jaroslav. Associative Classification in R: arc, arulesCBA, and rCBA. R Journal [online]. 2019, vol. 11, no. 2, pp. 254–267. ISSN 2073-4859. Available at: https://journal.r-project.org/archive/2019/RJ-2019-048/RJ-2019-048.pdf.

 

2019

ZETTEL, Jiří, BERKA, Petr. Study of anonymization techniques for logging data from university information system. In: IDIMT-2019 Innovation and Transformation in a Digital World [online]. Kutná Hora, 04.09.2019 – 06.09.2019. Linz : Trauner Verlag, 2019, pp. 237–244. ISBN 978-3-99062-590-3. Available at: https://idimt.org/wp-content/uploads/2019/08/IDIMT-2019-proceedings.pdf.

ZETTEL, Jiří. Anonymization of the University Information System Log Data: a Case Study. In: RuleML+RR 2019 Doctoral Consortium and Rule Challenge [online]. Bolzano, 16.09.2019 – 19.09.2019. Italy : CEUR-WS, 2019. 8 pp. ISSN 1613-0073. Available at: http://ceur-ws.org/Vol-2438/paper4.pdf

KLIEGR, Tomáš, KUCHAŘ, Jaroslav. Tuning Hyperparameters of Classification Based on Associations (CBA). In: ITAT 2019 Information Technologies – Applications and Theory [online]. Donovaly, 20.09.2019 – 24.09.2019. Aachen : CEUR-WS, 2019, pp. 9–16. ISSN 1613-0073. Available at: http://ceur-ws.org/Vol-2473/paper8.pdf

ŠVARC, Lukáš, STRNAD, Pavel. Recent anomaly detection approaches in computer networks. In: IDIMT-2019 Innovation and Transformation in a Digital World [online]. Kutná Hora, 04.09.2019 – 06.09.2019. Linz : Trauner Verlag, 2019, pp. 229–236. ISBN 978-3-99062-590-3. Available at: https://idimt.org/wp-content/uploads/2019/08/IDIMT-2019-proceedings.pdf.

Funds

Project ANDET – Anomaly detection and incident response automation in atypical information systems

Operational Program Technology and Application for Competitiveness

The subject of the project is research and development of a new software solution, the goal of which will be the automated detection of anomalies in non-standard information systems and the automation of reaction mechanisms.

The project will utilize state-of-the-art elements of artificial intelligence, particularly machine learning methods, and their evaluation within a broad spectrum of non-standard information systems. The solution will also include the automation of reactive mechanisms. The security of atypical information systems, developed individually (tailored to each company), is currently mainly addressed at the perimeter of the data network. This approach to cyber security does not assume that an attacker is capable of penetrating the perimeter and causing damage within the infrastructure.

The project will be carried out by the company VISITECH a.s. The project partners include the research organization Prague University of Economics and Business and the business entity ELEBRO CZ. The consortium is thus appropriately expanded with experts in the fields of machine learning and the implementation of advanced systems, adding relevant know-how and experience to the project team. The project team comprises 5 academic professionals from Prague University of Economics and Business and 6 experts from ELEBRO CZ.

 

Collaboration

Outputs

Synthetic Dataset Generator for Anomaly Detection in a University Environment

This generator contains anonymised data from the Prague University of Economics and Business information system logs; it is able to scale this data time-wise and also to inject cyber-attackers’ behaviour patterns into the data. The anonymised data still contains user behaviour patterns; therefore, individual anomalous behaviour can be detected. Different types of real attack behaviour patterns in the university environment have been selected; they are used to demonstrate attackers’ behaviour in synthetically created system logs.

Download here: https://github.com/HellhoundAI/Synthetic-Dataset-Generator