Early Detection of Unknown Attacks with Algorithms for Structured Data / Puccetti, Tommaso. - ELECTRONIC. - (2023), pp. 5-8. (Paper presented at the conference IEEE 34th International Symposium on Software Reliability Engineering Workshops, held in Florence (IT)) [10.1109/issrew60843.2023.00033].
Early Detection of Unknown Attacks with Algorithms for Structured Data
Puccetti, Tommaso
2023
Abstract
The increasing reliance on modern information and communication technology (ICT) systems exposes organizations to a wide range of cybersecurity threats. In this context, intrusion detection plays a crucial role in identifying malicious patterns that deviate from expected behavior. Many algorithms can detect intrusions, and the results observed during the training phase (known attacks) are significantly good. However, attacks experienced at runtime will likely differ from those learned during training and thus will be unknown to the IDS. The detection of the unknown is complicated and becomes a distinguishing factor for evaluating an Intrusion Detection System (IDS). In addition, while accuracy in real execution scenarios is important, early detection is essential to minimize the impact of security breaches. This paper is proposed by a 1st-year Ph.D. student and presents the past, ongoing, and future activities to tackle the challenges of early detection of unknowns.