EPSRC logo

Details of Grant 

EPSRC Reference: EP/D071976/1
Title: Operational Research for Context Aware Intrusion Detection
Principal Investigator: Aickelin, Professor U
Other Investigators:
Researcher Co-Investigators:
Project Partners:
Firestorm Computer Security Hewlett Packard ilion Security. SA
Netfort Technologies Limited
Department: School of Computer Science
Organisation: University of Nottingham
Scheme: Advanced Fellowship
Starts: 01 March 2007 Ends: 31 August 2012 Value (£): 621,658
EPSRC Research Topic Classifications:
Artificial Intelligence Mathematical Aspects of OR
EPSRC Industrial Sector Classifications:
Information Technologies
Related Grants:
Panel History:
Panel DatePanel NameOutcome
25 Apr 2006 ICT Fellowships 2006 - Interview Panel Deferred
21 Mar 2006 ICT Fellowships 2006 - Sift Panel Deferred
Summary on Grant Application Form
Computer security and intrusion detection systems are key areas for the future growth and prosperity of the UK. The largest and most difficult problem in the computer security industry today is how to deal with the volume of information as too many false attacks are being reported.The optimisation of intrusion detection, seen through the eyes of an Operational Researcher, can be achieved through appropriate mathematical models, similar to resource allocation problems such as Set Covering. Set Covering Problems are a staple of combinatorial optimisation and scheduling research. They are both mature areas, where current research has advanced to such levels that real-world problems can be solved successfully by using the latest mathematical modelling and heuristic optimisation techniques.It is the aim of this Fellowship to fuse Operational Research and intrusion detection and then transfer the successes of the former into the latter. Through careful mathematical modelling, I intend to transform the intrusion detection problem into a quasi Set Covering problem. I will then use my theoretical results and experience from this area to optimise the central processes. In essence, this will create a context aware intrusion detection system.An important aspect of the Fellowship is the opportunity to broaden my expertise to encompass other areas, notably mathematical modelling of intrusion detection. Such expertise is currently largely absent in the computer security community. I believe that the Fellowship will leave me in an extremely well placed position to start a unique research area at the intersection between Operational Research, optimisation and computer security.The Fellowship is supported by industrial collaborators (100,000+) and the University of Nottingham (70,000+ and PhD studentship).
Key Findings
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Potential use in non-academic contexts
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Description This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Date Materialised
Sectors submitted by the Researcher
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Project URL:  
Further Information:  
Organisation Website: http://www.nottingham.ac.uk