Addressing cybersecurity issues, Celik earned Amazon Research Award - Department of Computer Science - Purdue University

Addressing cybersecurity issues, Celik earned Amazon Research Award

10-23-2024

Berkay Celik, assistant professor of computer science at Purdue University, earned an Amazon Research Award for his proposed work titled Time-Preserving Audit Log Reduction: A Scalable Approach for Precise Attack Investigation and Anomaly Detection.

In the digital age, the volume of data generated by computing systems is astronomical, making it both a challenge and an opportunity for security professionals. One critical source of data for detecting system anomalies and investigating security incidents is the audit log. However, the size of these logs can quickly become unmanageable, slowing down analysis and escalating costs. 

A new research initiative at Purdue University, funded by an Amazon Research Award and AWS promotional credits, seeks to solve this problem.

Led by Z. Berkay Celik, assistant professor in Purdue’s Department of Computer Science, co-director of the Purdue Security Laboratory (PurSec Lab) and member of the Center for Education and Research in Information Assurance and Security (CERIAS), this project focuses on developing techniques to reduce the size of audit logs while preserving a vital component: the timing of events. 

The team also includes Ph.D. students and undergraduate researchers, supported directly by the grant. Their work promises to improve the scalability and effectiveness of log analysis, benefiting both academic research and industries reliant on large-scale computing.

The Challenge

In modern computing environments, audit logs are essential tools for tracking events within a system. They are critical in investigating attacks, identifying security breaches, and diagnosing system faults. Yet, the sheer amount of data these logs generate is overwhelming. 

As Celik explains, "The volume of logs can grow exponentially, making them difficult to store, analyze, and utilize effectively. Our goal is to develop methods to reduce this burden without compromising the precision needed for effective attack investigation and anomaly detection."

The ability to maintain the precise timing of events is particularly crucial. When investigating a security breach, the timeline of events can reveal patterns and sequences that help pinpoint the cause and origin of the attack. Without this temporal information, the ability to reconstruct the attack or detect anomalies diminishes significantly.

The Research 

This project will leverage advanced modeling and statistical techniques to compress audit logs, keeping only the most relevant data. By preserving the timing of events, these compressed logs will still provide a clear picture of how incidents unfolded. The research will also focus on making the analysis of these logs faster and more efficient, reducing both storage costs and time to detection.

The initiative is part of a broader trend in system security, where the aim is to integrate the latest advancements in artificial intelligence (AI) and machine learning (ML) into threat detection processes. Celik envisions a future where AI-driven analysis allows systems to not only detect anomalies but also predict potential attacks before they occur.

Impact and Future Work

The Amazon Research Award offers more than just financial support. It provides access to AWS resources, allowing the team to scale their research more efficiently and explore solutions in real-world, cloud-based environments. The grant will directly enable a Ph.D. student to join the team and contribute to the project, while also offering undergraduate students a chance to participate in cutting-edge research.

“The funding enables us to tackle a significant challenge in systems security,” says Celik. “By improving the scalability of log analysis, we can make systems more resilient to attacks and reduce the time it takes to respond to incidents.”

As the field of systems security continues to evolve, Purdue CS is positioned to make significant strides in the development of tools and techniques that can help keep up with the ever-increasing complexity of modern computing systems. Looking forward, the potential to integrate AI into these solutions represents an exciting frontier, where systems could potentially predict and defend against attacks autonomously.

With threats to cybersecurity becoming more sophisticated and data volumes continuing to grow, innovative solutions are critical. This research aims to deliver a breakthrough in the scalability of audit log analysis, helping organizations and researchers respond faster and more effectively to security incidents. In a field that never stops evolving, staying ahead of the curve is essential—and this project is set to do just that.

About Amazon Research Awards

Amazon Research Awards was founded in 2015 and merged with AWS Machine Learning Research Awards in 2020. The program offers unrestricted funds and AWS Promotional Credits to support research at academic institutions and non-profit organizations in areas that align with Amazon’s mission to advance customer-obsessed science.

About the Department of Computer Science at Purdue University

Founded in 1962, the Department of Computer Science was created to be an innovative base of knowledge in the emerging field of computing as the first degree-awarding program in the United States. The department continues to advance the computer science industry through research. US News & Reports ranks Purdue CS #8 in computer engineering and #19 and #18 overall in graduate and undergraduate computer science. Additionally, the program is ranked 6th in cybersecurity, 8th in software engineering, 13th in systems, 15th in programming languages and data analytics, and 18th in theory. Graduates of the program are able to solve complex and challenging problems in many fields. Our consistent success in an ever-changing landscape is reflected in the record undergraduate enrollment, increased faculty hiring, innovative research projects, and the creation of new academic programs. The increasing centrality of computer science in academic disciplines and society, and new research activities—centered around foundations and applications of artificial intelligence and machine learning, such as natural language processing, human computer interaction, vision, and robotics, as well as systems and security—are the future focus of the department. cs.purdue.edu

Last Updated: Oct 23, 2024 2:22 PM
