Anomaly-based intrusion detection
■ Cyber security is challenged:
– Vast amount of network traffic
– Evolution and sophistication of malicious activities
– Signature-based IDS can’t keep up with the increasing rate of new attacks
■ Anomaly-based Intrusion Detection Systems
– Rely heavily on machine learning
– Classify data based on normal or deviant behaviour
– Anomalies can be caused by malicious actors or be performance-related
■ Solution → machine learning classification