Intrusion Detection Systems
Seminar | 2 SWS / 5 ECTS |
Organizer: | Mohammad Reza Norouzian |
Time and place: | Preliminary Meeting: Thursday 04 February 2021 / 14 h |
Start: |
News
- The kick-off meeting slides can be found here. If you could not attend the meeting, no problem. You can still apply by sending a short CV to Mohammad Norouzian (norouzian@sec.in.tum.de) and choosing the course in the matching system.
Schedule
- Preliminary Meeting: Thursday, 04.02.2021, 14.00
Contents
An intrusion detection system (IDS) is a device or software application that monitors a network or system for malicious activity. IDSs are most commonly classified as network-based (NIDS) or host-based (HIDS), according to what the IDS monitors. Network-based intrusion detection attempts to identify unauthorized, illicit, and anomalous behavior based solely on network traffic. A network IDS collects the packets that traverse a given network, using a network tap, SPAN port, or hub. The IDS then processes the captured data and flags any suspicious traffic. One approach to classifying attacks is anomaly detection based on machine learning algorithms. Students will read and write papers on the fundamentals and the state of the art of IDS, especially in the anomaly detection domain.
Prerequisites
Basics of IT security
Objective
The goal is for students to become acquainted with the methods, algorithms, and technologies used in intrusion detection systems, and to learn how to identify malicious activities and how to address the challenges in this domain.