"Community based intrusion detection"

Date

Mar 25, 2014

Time

11:00 AM - 12:00 PM

Speaker

Dipl..-Inf. Stefan Weigert

Language

en

Main Topic

Informatik

Other Topics

Informatik

Description

Network based intrusion detection systems (NIDS) aim at discriminating benign from malicious communication. While signature and vulnerability based NIDS have proven to reliably detect known attacks, their limited capability of adapting to new threats has boosted interest in research on behavior based NIDS. Behavior based NIDS use machine learning techniques to detect anomalous behavior. However, it is often difficult to determine which properties exactly discriminate malicious from benign traffic. Recent research has shown that one effective and robust way to define anomalous behavior is by using communities of related entities. My doctoral work is concerned with developing techniques that (1) identify communities within Internet traffic, (2) detect anomalous behavior towards these communities and (3) do so in a distributed and scalable way. In my status presentation, I will introduce network based intrusion detection and present related work tackling the involved challenges as well as my contributions to the field. Finally, I will describe my future work in the context of my dissertation.

Last modified: Mar 25, 2014, 8:42:40 AM