Detecting Ø-Days Attacks With Learning Intrusion Detection Systems presented at Blackhat Europe 2004

by Stefano Zanero

Tags: Security

Summary: Traditional anomaly-based intrusion detection systems, relying on pattern matching and static signatures, are not really able to keep up with the creation of new forms of attack, particularly zero-day attacks. In this talk we will analyze the problem and present new types of misuse detection systems, based on unsupervised learning techniques, that can complement traditional IDS systems well and help detect zero-day attack techniques and various other misbehaviours. A proof of concept based on our current research prototypes will also be presented.