FELIX ERLACHER

Attacks against computer systems are often launched over the Internet or any other computer network. Therefore, attacks or intrusion attempts can be identified by examining network traffic, which is also known as intrusion detection. Traditional Intrusion Detection Systems (IDSs) often rely on signatures or rule sets which are used to describe well-known attacks. Unfortunately, with these systems it is almost impossible to detect novel attacks, because rule sets do not have any information about these attacks. To address this problem, anomaly detection techniques can be used to detect novel attacks by identifying network traffic that deviates from normal behavior. As many different Anomaly Detection Algorithms (ADAs) have been developed for different types of anomalies, it seems to be reasonable to rely on multiple algorithms for intrusion detection. Because algorithms can also be very resource-intensive, they may not be able to keep up with packet rates of today's high-speed networks...

Primary location: Berlin Germany