Cyberattacks and intrusions are becoming increasingly common and sophisticated, with attackers employing ever more advanced means of evading network and system security in order to install malicious software, exfiltrate data or perform malicious actions, all of which may have serious ramifications for the systems and networks involved if undetected. The first line of defense against these attacks lies with Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS); however, the current state of research and development of these technologies faces several key challenges. These challenges leave organisations and businesses lacking confidence in deploying these systems, so many opt to install less sophisticated security measures such as firewalls and anti-malware products, which leaves them more prone to attacks and intrusions.
In this online seminar, Ashley will introduce his PhD research and the work done so far. He will provide an introduction to and history of intrusion detection and prevention technology, followed by an overview of the current challenges and problems associated with such systems, which have left the technology less effective than its true potential. These issues include false-positive and false-negative errors within systems and, in addition, the high cost of deploying and managing such systems. The seminar will discuss and summarize some of the recent literature in the field, each work having aimed to mitigate these issues, with varying degrees of success, as a means of increasing the overall effectiveness, accessibility and usability of such systems. It will conclude by discussing some of the potential approaches moving forward and how artificial intelligence and machine learning may be incorporated into intrusion detection and prevention systems to effectively mitigate the issues with current systems.
Ashley is a current student in the department of CSEEE working towards a PhD investigating Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) and how the application of artificial intelligence and machine learning within these systems can increase their overall effectiveness by reducing false positives and false negatives. He is also investigating how such systems may be developed and deployed so that the costs of deploying and maintaining an intrusion detection and prevention system can be reduced and minimized. Ashley has extensive experience in malware analysis, and his previous research has focused on the analysis of several recent strains of malware and ransomware attacks, which led to a recent publication, Wood & Eze (2020). Ashley's PhD work hopes to build upon this previous research by building an effective intrusion detection and prevention system (IDPS) that is able to intelligently detect and recognise the intricate characteristics and behaviours of attacks such as malware, ransomware and other intrusions, allowing the system to respond and take immediate remedial action to prevent exploitation of networks and underlying systems.