• home
• current students
• graduate
• events

Presenter: Jianfeng Liu
Supervisor:

Date: Mon, February 27, 2023
Time: 08:30:00 - 09:30:00
Place: via Zoom - please see link below

ABSTRACT

Join Zoom Meeting

https://uvic.zoom.us/j/83442516909?pwd=U05ndlBzV2crV0pkTGptSFM2UVh0dz09

Meeting ID: 834 4251 6909

Password: 627532

One tap mobile

+17789072071,,83442516909# Canada

+16475580588,,83442516909# Canada

Dial by your location

        +1 778 907 2071 Canada

        +1 647 558 0588 Canada

Meeting ID: 834 4251 6909

Find your local number: https://uvic.zoom.us/u/kebGHcSCyY

ABSTRACT

In today's network environment, network attacks are always present and increasing. Host intrusion detection system, as the last gate of defense in depth, is particularly important. The current host intrusion detection system is based on the agent, through which the agent collects data and information, and then does some analysis before transmission to the information to the controller server. This architecture will bring system maintenance costs in the aspects of expansion, update, and performance. It poses a significant challenge for large-scale deployment. Based on this status, the agentless model of the host intrusion detection system highlights the advantages. This detection system can be used in the condition that the monitored hosts would not feel this monitoring behavior, and in the subsequent expansion, update maintenance and other aspects of the expenditure are less. This project focuses on the data to be collected by the selected agentless intrusion detection system and explores how to improve the efficiency of intrusion detection and reduce the detection of false positives and missed positives by conducting subsequent analysis of the collected data and comparing the effectiveness of machine learning models for classification.