Intrusion Detection Systems

Seminare	2 SWS / 5 ECTS
Veranstalter:	Mohammad Reza Norouzian
Zeit und Ort:	Preliminary Meeting: Thursday 04 February 2021 / 14 h
Beginn:

The lecture is given in english

The slides are available in english

The exam will be in english

News

The kick-off meeting slide can be found here. If you could not attend the meeting, no problem. You can also apply by sending your short CV to Mohammad Norouzian (norouzian@sec.in.tum.de) and choosing the course on the matching system.

Schedule

Preliminary Meeting: Thursday, 04.02.2021, 14.00

An intrusion detection system (IDS) is a device or software application that monitors a network or system for malicious activity. The most common classification is either in the network (NIDS) or host-based (HIDS) intrusion detection systems, in reference to what is monitored by the IDS. Network-based intrusion detection attempts to identify unauthorized, illicit, and anomalous behavior based solely on network traffic. A network IDS, using either a network tap, span port, or hub collects packets that traverse a given network. Using the captured data, the IDS system processes and flags any suspicious traffic. One approach to classify attacks is using an anomaly detection method based on machine learning algorithms. Students involve reading and writing papers regarding the basis and state-of-the-art of IDS, especially in the anomaly detection domain.

Prerequisites

Basics of IT security

Objective

The goal for students is to be acquainted with methods, algorithms, and technologies in intrusion detection systems, how to identify malicious activities and how to address the challenges in this domain.