Intrusion Detection Systems
Seminar | 2 SWS / 5 ECTS (course description) |
Instructor: | Mohammad Reza Norouzian |
Time and place: | Tuesday, 14:00-16:00, 01.08.033, meeting room (5608.01.033) |
Start: | 2019-04-23 |
News
- The kick-off meeting slides can be found here. If you could not attend the meeting, no problem. You can also apply by sending your short CV to Mohammad Norouzian (norouzian@sec.in.tum.de) and choosing the course on the matching system.
- Bachelor students can take the seminar as well.
- Introduction slides can be found here.
- The deadline for report submission is 10.07.19.
Kick-Off meeting
Kick-off meeting: Tuesday, January 29, 2019 at 17:00 in room 01.08.033.
Registration
Participants are registered by the instructor based on the results of matching.
Contents
An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity. IDSs are most commonly classified as network-based (NIDS) or host-based (HIDS), according to what the IDS monitors. Network-based intrusion detection attempts to identify unauthorized, illicit, and anomalous behavior based solely on network traffic. A network IDS collects the packets that traverse a given network using a network tap, a SPAN port, or a hub. It then processes the captured data and flags any suspicious traffic. One approach to classifying attacks is anomaly detection based on machine learning algorithms. Students read and write papers on the fundamentals and the state of the art of IDS, especially in the anomaly detection domain.
Prerequisites
Basics of IT security
Objective
The goal for students is to be acquainted with methods, algorithms and technologies in intrusion detection systems, how to identify malicious activities and how to address the challenges in this domain.
Schedule for Presentations
Title | Speaker | Date |
| Mohammad Reza Norouzian | 29.01.19 |
Introductory information | Mohammad Reza Norouzian | 23.04.19 |
Anomaly Detection: A Survey | Chirantar Nalawade | 28.05.19 |
A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets | Ece Tanova | |
Intrusion Detection in Computer Networks by a Modular Ensemble of One-Class Classifiers | Johannes Boll | |
On Cyber Attacks and Signature Based Intrusion Detection for MODBUS Based Industrial Control Systems | Yannick Gehring | |
Time Series Analysis: Unsupervised Anomaly Detection Beyond Outlier Detection | Ana Radutoiu | |
Application of deep learning to cybersecurity: A survey | Miruna Gafencu | 18.06.19 |
A Survey on Advanced Persistent Threats: Techniques, Solutions, Challenges, and Research Opportunities | Roman Canals | |
Adversarial Attacks Against Intrusion Detection Systems: Taxonomy, Solutions and Open Issues | Erick Quintanar | 25.06.19 |
Defense Methods Against Adversarial Examples for Recurrent Neural Networks | Sven Hoelzel | |
DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning | Ana Lacatusu | 02.07.19 |
On the practical integration of anomaly detection techniques in industrial control applications; Engineering Edge Security in Industrial Control Systems | Leon Wenning | |
Analyzing Cyber-Physical Attacks on Networked Industrial Control Systems | Hendrik Hagendorn | 09.07.19 |
State-Aware Anomaly Detection for Industrial Control Systems | Adrian Pesch | |
RNN-based Early Cyber-Attack Detection for the Tennessee Eastman Process; A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks | Emil Suleymanov | |
Report Guidelines
How to write a seminar report (link)
How to write a great research paper (link)
Students are strongly encouraged to use Springer LNCS manuscript submission guidelines and IEEE Editorial Style Manual
Avoid making common report writing mistakes: Download the general guidelines
Academic Phrasebank (link)
How to Read a Paper (link)
Topics
Anomaly Detection: A Survey (Chirantar Nalawade)
SENAMI: Selective Non-Invasive Active Monitoring for ICS Intrusion Detection (Yannick Gehring)
Accurate Modeling of the Siemens S7 SCADA Protocol for Intrusion Detection and Digital Forensics (Ana Radutoiu)
On Cyber Attacks and Signature Based Intrusion Detection for MODBUS Based Industrial Control Systems (Yannick Gehring)
Stealthy Deception Attacks Against SCADA Systems (Ece Tanova)
Exploiting Siemens Simatic S7 PLCs (Leon Wenning)
Analyzing Cyber-Physical Attacks on Networked Industrial Control Systems (Hendrik Hagendorn)
Intrusion Detection in Computer Networks by a Modular Ensemble of One-Class Classifiers (Johannes Boll)
Toward an efficient and scalable feature selection approach for internet traffic classification (Hendrik Hagendorn)
Analysis of Network Traffic Features for Anomaly Detection (Johannes Boll)
Adversarial Attacks Against Intrusion Detection Systems: Taxonomy, Solutions and Open Issues (Erick Quintanar)
Defense Methods Against Adversarial Examples for Recurrent Neural Networks (Sven Hoelzel)
State-Aware Anomaly Detection for Industrial Control Systems (Adrian Pesch)
HAMIDS: Hierarchical Monitoring Intrusion Detection System for Industrial Control Systems (Adrian Pesch)
Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks (Miruna Gafencu)
Application of deep learning to cybersecurity: A survey (Miruna Gafencu)
A Survey on Advanced Persistent Threats: Techniques, Solutions, Challenges, and Research Opportunities (Roman Canals)
Engineering Edge Security in Industrial Control Systems (Leon Wenning)
High-Performance Unsupervised Anomaly Detection for Cyber-Physical System Networks (Roman Canals)
Time Series Analysis: Unsupervised Anomaly Detection Beyond Outlier Detection (Ana Radutoiu)
A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets (Ece Tanova)
An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems (Chirantar Nalawade)
McPAD: A Multiple Classifier System for Accurate Payload-based Anomaly Detection (Emil Suleymanov)
RNN-based Early Cyber-Attack Detection for the Tennessee Eastman Process (Emil Suleymanov)
A Deep Learning Approach for Intrusion Detection Using Recurrent Neural Networks (Emil Suleymanov)
DeepLog: Anomaly Detection and Diagnosis from System Logs through Deep Learning (Ana Lacatusu)
Exploiting Traffic Periodicity in Industrial Networks (Ana Lacatusu)
An Overview of IP Flow-Based Intrusion Detection (Erick Quintanar)
Network Intrusion Detection Based on Semi-supervised Variational Auto-Encoder (Sven Hoelzel)
On the practical integration of anomaly detection techniques in industrial control applications (Leon Wenning)