Massive data, adversarial activities, changing environments and lack of real labeled training datasets are challenging the successful protection of computer systems and networks by means of IDSs. Solving these problems guarantees the efficiency and effect iveness of IDSs and thus contributes to providing secure network systems. Expert systems, such as SNORT , are unable to deal with massive data and adversaries, since in these systems, manual coding of attack patterns costs a lot of effort and time. Moreover, the systems are often easy targets of evasion and obfuscation activities. Existing computational-intelligence-based IDSs with offline-learning algorithms require frequent complete o²ine re-training to improve the attack analysis and to learn new at tacks. When the training dataset is very large, these IDSs become impractical to adapt to dynamic environments. Furthermore, the training process requires a real labeled dataset that is diffcult to obtain due to privacy and labeling methodology issues. The research aims to produce the following outputs: (1) New generative methods for online-learning in intrusion detection systems that comprises embedded-online feature-selection, (2) two scientific papers in top-ranked conferences on machine learning (i.e .: NIPS: Neural Information Processing Systems) and on security (i.e.: RAID: Recent Advances in Intrusion Detection), and (3) one article in the prestigious Journal of Machine Learning Research.
Project leader: Katrin Franke
Category: Statlige høyskoler
Institution: HØGSKOLEN I GJØVIK AVD FOR INFORMATIKK OG MEDIETEKNIKK