Revisiting anomaly-based network intrusion detection systems



Title Revisiting anomaly-based network intrusion detection systems
Period 04 / 2005 - 06 / 2009
Status Completed
Dissertation Yes
Research number OND1306149
Data Supplier Website Sentinels


Currently available intrusion detection tools monitor events at a relatively low level of abstraction. Due to the large number of events that occur at that level, and due to the low abstraction level, these tools are either ineffective (by generating a large number of false negatives) or inefficient (by generating a large number of false positives). The objective of IPID is to increase both effectiveness and efficiency of these tools by relating low-level events to a smaller number of events at a high level that are meaningful to the business.

Abstract (NL)

The researchers are developing a method to detect intruders such as worms and hackers in networks. They are working on a kind of firewall to protect entire enterprise infrastructures, such as the network of ministries or the database of the social services department, against prying eyes from outside.

Related organisations

Related people

Supervisor Prof.dr. S. Etalle
Supervisor Prof.dr. P.H. Hartel
Project leader Prof.dr. R.J. Wieringa
Doctoral/PhD student Dr. D. Bolzoni


D16200 Software, algorithms, control systems
D16400 Information systems, databases
