Mr Maziar Janbeglou
Research | Current
I am interested in finding distributed Internet attacks using data mining and machine learning to identify malicious patterns in large-scale networks. Currently, I am capturing Internet flows from more than 35,000 users at the University of Auckland, storing them in both SQL and NoSQL databases, and passively processing the databases to extract potential attacks.
The main part of my research is to measure DNS traffic and to investigate what a client actually does after it gets the remote IP address from the DNS.
In addition, I measure and process the traffic that never uses the DNS. This traffic could be P2P networks, signalling-based protocols such as ICE, STUN, and TURN (https://hacks.mozilla.org/2013/07/webrtc-and-the-ocean-of-acronyms/#sdp), as well as Tor traffic.
Contact me if you are interested in this topic.
Teaching | Current
Lab Demonstrator and Marker
Areas of expertise
Distributed Internet Attacks
Network & Information Security
(ISC)2 Auckland Chapter