High-volume and complex data flows make it difficult to detect cyber-fraud, particularly if the fraud is specific or one-off in nature. Bram Cappers devoted his PhD research at the TU/e Department of Mathematics and Computer Science to solving this problem and is now taking the system he developed, EventPad, to market. Housed in a start-up aptly called AnalyzeData, the system processes enormous volumes of data and presents it visually, in the form of coloured blocks, thereby enabling the user to detect suspicious or deviating patterns with relative ease.
“Large numbers of computer viruses are difficult to detect, as they are getting more and more complex, and are targeting very specific facilities, often striking only once,” Cappers says, explaining that the only detection solution is to analyse data being transferred onto networks and to search for suspicious patterns.
That is easier said than done, though, as fully automated techniques for sifting through the data generate many false alarms, requiring a human inspection to decide which of the alerts do indeed signal danger.
“Automated techniques are extremely fast, and can process large amounts of data, but are not perfect. With AnalyzeData, we turn this around. We start with the human user, who looks at the data which has been converted into visual form. Any grey areas that remain after applying the techniques can then be investigated using automated techniques”.
He views visual analytics as a powerful combination of automation and human interaction. “Humans will always play a role in the analytics – after all, humans are the ones designing viruses to circumvent systems, which means we need human knowledge on the defender side to spot these kinds of viruses”.
Cappers’s PhD thesis was completed under the supervision of visualisation expert Prof dr. ir. Jack van Wijk and security specialist Prof dr. Sandro Etalle. Describing the model that was developed, Van Wijk says, “The focus is very heavily on interactive visualisation. With Cappers’s systems, he enables people to bring in their knowledge, to easily define new rules [for looking at the data], and to look at the data from different perspectives. We hope that this will enable people to detect fraud much more easily”.
Pulling results from academia into industry takes some time, Cappers says. To drive the process of testing the usefulness and rigour of his findings, he participated in various industry events, winning the IEEE Visual Analytics Challenge in 2017, and the ICT.OPEN Best Demo Award in 2018.
With the financial backing of a business in the VoIP industry, Cappers, his brother Dennis and colleague Josh Mengerink co-founded AnalyzeData. “We visited many companies to see where we can deploy the system, and how we should go from here. People are really enthusiastic about this, and we are now in a scale-up phase, to be able to deploy this model for extremely large amounts of data”.