04-625 Intrusion Detection Systems
Location: Africa
Units: 12
Semester Offered: Spring
Cybersecurity
Intrusion detection systems (IDSs) constitute an essential component of any network security solution package. Underlying IDSs is a great deal of fascinating mathematics, mostly taken from fields such as Probability Theory, Statistics, and Detection Theory. A good understanding of this mathematical background will enable Security Officers to better appreciate the benefits and limitations of IDSs and prepare them to become better practitioners.
The goal of this course is two-fold. First, it will provide students with hands-on exposure to the mathematical principles and techniques used in intrusion detection. Second, students will experiment with the real-life process of going from a theoretical intrusion detection solution to its implementation. The course will proceed by introducing mathematical concepts on an "as needed" basis, motivated by their direct applications to intrusion detection.
The class consists of lectures, homework assignments, labs, and a class project. Topics covered include an overview of intrusion detection (host and network-based IDSs, techniques of intrusion detection—anomaly and signature-based), a brief review of the mathematical background of IDSs, and case studies of mathematical solutions for IDSs and the issues related to their applications in the real world.
At the end of the course, students will have a good understanding of the techniques used in designing IDSs. They will also acquire the practical skills needed to implement IDSs in a work environment.
Theoretic Part
Lab
Tips: Install Security Onion (comes with Bro, Snort, Suricata, etc.)
None, but a background in Networking, Programming, and Basic Probability would help.