Difference between revisions of "Anna Sperotto"
(New page: Anna Sperotto) |
|||
| Line 1: | Line 1: | ||
| − | Anna Sperotto | + | |
| + | {| align=right style="display:inline; background-color:#eee; border:4px solid; border-color:#f3f3f3 #bbb #bbb #f3f3f3; margin: 0 0 .9em .9em;" | ||
| + | |- | ||
| + | | align="center" colspan=2 | '''Summary''' | ||
| + | |- | ||
| + | | align="right" | '''Student:''' | ||
| + | | align="left" | Anna Sperotto | ||
| + | |- | ||
| + | | align="right" | '''Title:''' | ||
| + | | align="left" | High-Speed Self-Learning Network Intrusion Detection | ||
| + | |- | ||
| + | | align="right" | '''e-mail:''' | ||
| + | | align="left" | a.sperotto@utwente.nl | ||
| + | |- | ||
| + | | align="right" | '''Affiliation:''' | ||
| + | | align="left" | UT | ||
| + | |- | ||
| + | | align="right" | '''Supervisor:''' | ||
| + | | align="left" | Aiko Pras | ||
| + | |- | ||
| + | | align="right" | '''Committee:''' | ||
| + | | align="left" | | ||
| + | |- | ||
| + | | align="right" | '''Start:''' | ||
| + | | align="left" | 2006 | ||
| + | |- | ||
| + | | align="right" | '''End:''' | ||
| + | | align="left" | 2010 | ||
| + | |- | ||
| + | | align="right" | '''Funding:''' | ||
| + | | align="left" | UT | ||
| + | |} | ||
| + | |||
| + | <DIV style="text-align:justify"> | ||
| + | == Biography == | ||
| + | |||
| + | == PhD project description == | ||
| + | Intrusion Detection (ID) aims to recognise malicious activities in the monitored system, through the | ||
| + | analysis of massive quantities of data (audit data, log files, network packets, flows). In particular, | ||
| + | in the past few year there has been an increasing interest in ID for IP networks, in order to provide | ||
| + | a secure network environment and services. The first phase of ID saw 10/100Mbps networks as protagonists: | ||
| + | the wire speed permitted a deep inspection of all the traffic, as well as the amount of data | ||
| + | allowed the researchers to consider payload based analysis methodologies. Nowadays, this scenario | ||
| + | is not exhaustive anymore. | ||
| + | This PhD project, in front of the the spread of 1-10Gbps technology and the offer of new on-line | ||
| + | services, faces the necessity of developing systems that | ||
| + | can cope with the always increasing network speed and quantity of data to be analysed. | ||
| + | The most promising approach to this problem is in our opinion the use of aggregated network information, | ||
| + | as it is with flow-based techniques. | ||
| + | At the same time, this PhD project also aims to address the problem of adaptability in high-speed networks, i.e. | ||
| + | self-learning solutions that permit a fast reconfiguration of the system in order to recognise new threats | ||
| + | and reduce the need of human interaction. | ||
| + | |||
| + | |||
| + | </DIV> | ||
| + | |||
| + | == References == | ||
| + | # Sperotto, A. and Vliek, G. and Sadre, R. and Pras, A. (2009) Detecting Spam at the Network Level. In: Proceedings of the 15th Open European Summer School and IFIP TC6.6 Workshop, EUNICE 2009, 7-9 Sep 2009, Barcelona. pp. 208-216. Lecture Notes in Computer Science 5733. Springer Verlag. ISSN 0302-9743 ISBN 978-3-642-03699-6 | ||
| + | # Sperotto, A. and Sadre, R. and Pras, A. (2008) Anomaly Characterization in Flow-Based Traffic Time Series. In: 8th IEEE International Workshop on IP Operations and Management, IPOM 2008, 22-26 September 2008, Samos, Greece. pp. 15-27. Lecture Notes in Computer Science 5275/2008. Springer Verlag. ISSN 1611-3349 ISBN 978-3-540-87356-3 | ||
| + | # Sperotto, A. and van de Meent, R. (2007) A Survey of the High-Speed Self-Learning Intrusion Detection Research Area. In: First International Conference on Autonomous Infrastructure, Management and Security, 21-22 Jun 2007, Oslo, Norway. pp. 196-199. Lecture Notes in Computer Science 4543. Springer Verlag. ISBN 978-3-540-72985-3 | ||
| + | |||
| + | == Additional information == | ||
| + | |||
| + | |||
| + | == External links == | ||
| + | * [_URL_ Homepage] of Anna Sperotto | ||
| + | * Publications of Anna Sperotto, as [http://www.informatik.uni-trier.de/~ley/db/indices/a-tree/_XXXX_ indexed by DBLP] | ||
| + | |||
| + | [[Category:PhD students]] | ||
| + | [[Category:People]] | ||
Revision as of 20:30, 24 November 2009
| Summary | |
| Student: | Anna Sperotto |
| Title: | High-Speed Self-Learning Network Intrusion Detection |
| e-mail: | a.sperotto@utwente.nl |
| Affiliation: | UT |
| Supervisor: | Aiko Pras |
| Committee: | |
| Start: | 2006 |
| End: | 2010 |
| Funding: | UT |
Contents
Biography
PhD project description
Intrusion Detection (ID) aims to recognise malicious activities in the monitored system, through the analysis of massive quantities of data (audit data, log files, network packets, flows). In particular, in the past few year there has been an increasing interest in ID for IP networks, in order to provide a secure network environment and services. The first phase of ID saw 10/100Mbps networks as protagonists: the wire speed permitted a deep inspection of all the traffic, as well as the amount of data allowed the researchers to consider payload based analysis methodologies. Nowadays, this scenario is not exhaustive anymore. This PhD project, in front of the the spread of 1-10Gbps technology and the offer of new on-line services, faces the necessity of developing systems that can cope with the always increasing network speed and quantity of data to be analysed. The most promising approach to this problem is in our opinion the use of aggregated network information, as it is with flow-based techniques. At the same time, this PhD project also aims to address the problem of adaptability in high-speed networks, i.e. self-learning solutions that permit a fast reconfiguration of the system in order to recognise new threats and reduce the need of human interaction.
References
- Sperotto, A. and Vliek, G. and Sadre, R. and Pras, A. (2009) Detecting Spam at the Network Level. In: Proceedings of the 15th Open European Summer School and IFIP TC6.6 Workshop, EUNICE 2009, 7-9 Sep 2009, Barcelona. pp. 208-216. Lecture Notes in Computer Science 5733. Springer Verlag. ISSN 0302-9743 ISBN 978-3-642-03699-6
- Sperotto, A. and Sadre, R. and Pras, A. (2008) Anomaly Characterization in Flow-Based Traffic Time Series. In: 8th IEEE International Workshop on IP Operations and Management, IPOM 2008, 22-26 September 2008, Samos, Greece. pp. 15-27. Lecture Notes in Computer Science 5275/2008. Springer Verlag. ISSN 1611-3349 ISBN 978-3-540-87356-3
- Sperotto, A. and van de Meent, R. (2007) A Survey of the High-Speed Self-Learning Intrusion Detection Research Area. In: First International Conference on Autonomous Infrastructure, Management and Security, 21-22 Jun 2007, Oslo, Norway. pp. 196-199. Lecture Notes in Computer Science 4543. Springer Verlag. ISBN 978-3-540-72985-3
Additional information
External links
- [_URL_ Homepage] of Anna Sperotto
- Publications of Anna Sperotto, as indexed by DBLP
