Anomaly-based intrusion detection

■ Cyber security is challenged:

– Vast amount of network traffic
– Evolution and sophistication of malicious activities
– Signature-based IDS can’t keep up with the increasing rate of new attacks

■ Anomaly-based Intrusion Detection Systems

– Rely heavily on machine learning
– Classify data based on normal or deviant behaviour
– Anomalies can be caused by malicious actors, or can be performance-related

■ Solution → machine learning classification
