Information Technology, Universiti Malaya DR. NOR BADRUL ANUAR BIN JUMAAT Specializes in information and network security, data science and artificial intelligence UMExpert - umexpert.um.edu.my/badrul Google Scholar - bit.do/badrul
largely benefits from NTC by the increased network visibility which translates to greater security control. Depending on the objective of NTC in cybersec, there are plenty of use cases of multiple NTC granularity.
Next-generation firewalls are starting to implement higher NTC granularity. Why? Palo Alto's Next-Gen Firewall is able to detect application services like Facebook-chat and Facebook- post. What if we can profile a network user to the most granular level? Can a network profile be used as a support to prove legal charges in the future? Incident responders analyze enormous traffic dump traces. NTC helps by narrowing down the investigation to a specific application class quickly.
that 73% of Internet traffic is now enrypted! Future NTC engines must be able to classify encrypted traffic accurately. Real-time - Events involving cybersec often require real-time decisions. NTC algorithms must consider some constraints on the algorithm complexity so as to allow it to run in real-time. Data - Publicly available traffic data is scarce. Major factor that contributes to this problem is sensitive data. How can we share traffic data without compromising the confidentiality?
towards machine learning to automate the process. Granular NTC allows greater control of the network. Implementation of NTC in cybersec is critical. E.g. Firewalls, Forensics, Profiling. Encrypted traffic, real-time classification and data availability are among the challenges of NTC