Network and Information Security: Role of Intrustion Detection Programs

Ajith Abraham
Norwegian Center of Excellence
Center of Excellence for Quantifiable Quality of Service
Norwegian University of Science and Technology,
O.S. Bragstads plass 2E,
NO-7491 Trondheim, Norway


 In this talk, we first emphasize the role of intrusion detection systems for networks and securing web based information systems. We present some of the challenges in designing efficient Intrusion Detection Systems (IDS), which could provide high accuracy, low false alarm rate, real time operation etc. We further introduce the concept of a Intrusion Detection Program (IDP), which is designed using simple nature inspired computation techniques. IDP analyzes what happens or has happened during an execution and tries to find indications that the computer/network has been misused. Then we illustrate some recent research results of developing distributed intrusion detection systems with a focus on how intruder behavior could be captured using hidden Markov model and predict possible serious intrusions. Finally we present the role of online risk assessment for intrusion prevention systems and some associated results.


[1] Abraham A., Grosan C. and Martin-Vide C., Evolutionary Design of Intrusion Detection Programs, International Journal of Network
Security, Vol.4, No.3, pp. 328-339, 2007.

[2] Abraham A., Jain R., Thomas J. and Han S.Y., D-SCIDS: Distributed Soft Computing Intrusion Detection Systems, Journal of Network and
Computer Applications, Elsevier Science, Volume 30, Issue 1, pp. 81-98, 2007.

[3] Haslum K., Abraham A. and Knapskog S., DIPS: A Framework for Distributed Intrusion Prediction and Prevention Using Hidden Markov Models and Online Fuzzy Risk Assessment, Third International Symposium on Information Assurance and Security, IEEE Computer Society press, USA, ISBN 0-7695-2876-7, pp. 183-188, 2007.

[4] Haslum K., Abraham A. and Knapskog S.,  Fuzzy Online Risk Assessment for Distributed Intrusion Prediction and Prevention Systems, Tenth International Conference on Computer Modeling and Simulation, UKSiM/EUROSiM 2008, Cambridge, UK, IEEE Computer Society Press, USA, ISBN 0-7695-3114-8,  pp. 216-223, 2008.