Dr. Stefano Zanero (Chief Technology Officer, Secure Network, Milan)
Presentation Title: 360° Anomaly Based Intrusion Detection
Presentation Details:
In this talk, after briefly reviewing why we should build a good anomaly-based intrusion detection system, we will present two IDS prototypes developed at the Politecnico di Milano for network- and host-based intrusion detection through unsupervised algorithms. We will then use them as a case study for presenting the difficulties in integrating anomaly-based IDSs (as if integrating the usual misuse-based IDSs were not complex enough…). We will then present our ideas, based on fuzzy aggregation and causality analysis, for extracting meaningful attack scenarios from alert streams, building the core of the first 360° anomaly-based IDS.
About Stefano
Stefano Zanero received a Ph.D. degree in Computer Engineering from the Politecnico di Milano technical university, where he is currently doing his post-doc. His current research interests include the development of Intrusion Detection Systems based on unsupervised learning algorithms, security of web applications and computer virology. He has been a speaker at international scientific and technical conferences, and he is the author and co-author of books and articles published in international, peer-reviewed journals and conferences. He is a member of the board of the “Journal in Computer Virology”, and acts as a reviewer for the “ACM Computing Reviews” and “IEEE Security & Privacy”, as well as various primary international conferences. He is a member of the IEEE, the ACM, and a founding member of the Italian Chapter of ISSA. He has also been a columnist for Computer World Italy, and was awarded a journalism award in 2003. Since 2004 he has been a partner and CTO of Secure Network, a firm specializing in information security training and consulting, based in Milan.