EPSRC Reference: EP/E028268/1
Title: System-Smart Intrusion Detection
Principal Investigator: Chivers, Dr H
Other Investigators:
Nobles, Dr P
Researcher Co-Investigators:
Project Partners:
Defence Agencies (Several Grouped) HSBC
Department: Cranfield Defence and Security
Organisation: Cranfield University
Scheme: Standard Research
Starts: 17 July 2007 Ends: 16 July 2010 Value (£): 229,978
EPSRC Research Topic Classifications:
Networks & Distributed Systems
EPSRC Industrial Sector Classifications:
Criminal use of the national network infrastructure is commonplace: blackmail, and phishing (social engineering) alone are significant in economic terms. These activities exploit network hosts that have been previously subverted, by attacks that are becoming increasingly sophisticated. Existing Intrusion Detection Systems (IDSs) are unable to detect new or subtle attacks, and deploying IDS sensors in higher volumes results in high report volumes, but little more effectiveness. This project will show that by taking a system design approach to the choice and configuration of sensors, together with network deployment strategies that allow flexible sensor placement, it is possible to substantially improve the detection of subtle attacks. This work does not focus on improvements to individual intrusion detection components; but rather exploits the synergy that can be obtained by combining the strengths of different types of sensor, in a holistic approach to intrusion management design.
Key Findings
Potential use in non-academic contexts
Organisation Website: http://www.cranfield.ac.uk