KNAW

Research

Revisiting anomaly-based network intrusion detection systems


Title: Revisiting anomaly-based network intrusion detection systems
Period: 04 / 2005 - 06 / 2009
Status: Completed
Dissertation: Yes
Research number: OND1306149
Data Supplier: Website Sentinels

Abstract

Currently available intrusion detection tools monitor events at a relatively low level of abstraction. Due to the large number of events that occur at that level, and due to the low abstraction level, these tools are either ineffective (by generating a large number of false negatives) or inefficient (by generating a large number of false positives). The objective of IPID is to increase both effectiveness and efficiency of these tools by relating low-level events to a smaller number of events at a high level that are meaningful to the business.

Abstract (translated from Dutch)

The researchers are developing a method to detect intruders such as worms and hackers in networks. They are working on a kind of firewall to protect entire corporate infrastructures, such as the network of ministries or the database of the social services, against prying eyes from outside.

Classification

D16200 Software, algorithms, control systems
D16400 Information systems, databases
