Research

Revisiting anomaly-based network intrusion detection systems

Pagina-navigatie:

Main

Update Research data

Title	Revisiting anomaly-based network intrusion detection systems
Period	04 / 2005 - 06 / 2009
Status	Completed
Dissertation	Yes
Research number	OND1306149
Data Supplier	Website Sentinels

Abstract

Currently available intrusion detection tools monitor events at a relatively low level of abstraction. Due to the large number of events that occur at that level, and due to the low abstraction level, these tools are either ineffective (by generating a large number of false negatives) or inefficient (by generating a large number of false positives). The objective of IPID is to increase both effectiveness and efficiency of these tools by relating low-level events to a smaller number of events at a high level that are meaningful to the business.

Abstract (NL)

De onderzoekers ontwikkelen een methode om indringers zoals wormen en hackers in netwerken te detecteren. Ze werken aan een soort firewall om hele bedrijfsinfrastructuren, zoals bijvoorbeeld het netwerk van ministeries, of de databank van de sociale dienst, te beschermen tegen nieuwsgierige blikken van buitenaf.

Related organisations

Secretariat	Researchgroup Information Systems (UT)
Collaboration	TNO (TNO)
Financier	Technology Foundation (NWO)
Collaboration	Projects Fund of the Rabobank Group Nederland
Collaboration	Centre for Telematics and Information Technology - CTIT (UT)

Related people

Supervisor	Prof.dr. S. Etalle
Supervisor	Prof.dr. P.H. Hartel
Project leader	Prof.dr. R.J. Wieringa
Doctoral/PhD student	Dr. D. Bolzoni

Classification

A31100	ICT equipment
A55000	Management, accountancy
D16200	Software, algorithms, control systems
D16400	Information systems, databases