Workshop Title:

Intrusion Detection using Machine Learning

Date:

January 15th, 2024 (GMT)

Organizer:

University of Portsmouth, UK

Keywords:

  • Cybersecurity
  • Machine learning
  • Intrusion detection systems
  • Snort
  • Suricata

Workshop Chair:

Dr. Stavros Shiaeles
Reader at the University of Portsmouth

Personal Bio:

Dr Stavros Shiaeles is a Reader in Cyber Security at the University of Portsmouth, UK, and a Visiting Prof. at the University of Peloponnese, Greece and Bharath University, India. He has worked as an expert in cyber-security and digital forensics in the UK and EU, serving companies and research councils. His research interests span the broad area of Cyber Security, including OSINT, Social Engineering, Distributed Denial of Service Attacks, Cloud Security, Insider Threats, Digital Forensics, Network Anomaly Detection and Malware mitigation.

He has authored more than 100 publications in academic journals and conferences and has chaired many workshops at well-known IEEE conferences such as IEEE Service and NetSoft. He is a member of the IEEE TCIIN Group and IEEE TCHS, and he currently co-chairs the IEEE International Conference on Security and Resilience Series (IEEE CSR). He has co-edited two Cyber Security books, published by CRC Press in April 2021, and he is involved as Principal Investigator, leading the University of Portsmouth research team, in European and local grants.

In addition to his academic qualifications, he holds a series of professional certifications, namely EC-Council Certified Ethical Hacker (CEH), EC-Council Advanced Penetration Testing (CAST611), ISACA Cobit 5 Foundation and Cyberoam (now acquired by Sophos) Certified Network and Security Professional (CCNSP), and he is an EC-Council accredited instructor providing professional certification training on Cybersecurity and Penetration testing.

It is worth mentioning that, prior to entering academia, he spent more than 10 years in industry, where he worked on various aspects of IT and Cybersecurity.

Workshop Committee Members:

Dr. Bendiab Gueltoum, Université Frères Mentouri Constantine 1 (UFMC1) bendiab.kelthoum@umc.edu.dz

Dr. Marwan Omar, Illinois Institute of Technology momar3@iit.edu

Dr. Vasilios Kelefouras, Plymouth University vasilios.kelefouras@plymouth.ac.uk

Workshop Description:

Background:

Intrusion detection systems (IDS) play a crucial role in safeguarding digital systems and networks against cyber threats, and their importance is further amplified by incorporating machine learning (ML) capabilities. ML-powered IDS enhances the detection and response capabilities by automatically analyzing vast amounts of data and adapting to evolving attack patterns.

Firstly, ML-based IDS can identify and flag anomalous behavior with high accuracy and speed. By learning from historical data, they can detect new and previously unseen attack vectors, reducing false positives and false negatives.

Secondly, ML enables IDS to adapt and improve over time. These systems can continuously update their models by incorporating new data, staying ahead of emerging threats. This dynamic nature makes ML-powered IDS resilient against evolving attack techniques and helps in maintaining a robust defense posture.

Lastly, ML-based IDS can handle large-scale network traffic efficiently. By leveraging advanced algorithms, they can process massive amounts of data in real-time, enabling swift response and reducing the risk of undetected intrusions.

In conclusion, the integration of machine learning into intrusion detection systems empowers organizations to enhance their security posture by accurately detecting and responding to cyber threats, adapting to new attack vectors, and efficiently processing vast amounts of data.

Goal / Rationale:

Intrusion detection research faces several challenges that must be addressed to improve the effectiveness and efficiency of intrusion detection systems (IDS). One key problem is the increasing complexity and diversity of attack techniques, making it difficult for IDS to accurately detect and classify intrusions. To address this, researchers need to focus on developing advanced machine learning algorithms that can effectively analyze and classify complex patterns of malicious behavior.

Another challenge is the high rate of false positives and false negatives in IDS alerts, which can overwhelm security analysts or result in missed detections. This issue can be mitigated through the integration of anomaly detection techniques and behavior-based analysis into IDS systems, allowing for more accurate and reliable intrusion detection.

Additionally, IDS research must address the problem of scalability to handle the ever-growing volume of network traffic and data. This can be achieved by leveraging distributed and parallel computing techniques, as well as implementing intelligent data reduction and feature selection mechanisms.

Finally, the issue of IDS evasion by sophisticated attackers poses a significant research problem. To overcome this, IDS should incorporate adaptive and resilient mechanisms that can dynamically adjust detection strategies and counteract evasion techniques employed by attackers.

By focusing on these research problems and developing innovative solutions, we can enhance the capabilities of intrusion detection systems and improve our ability to detect and respond to evolving cyber threats effectively.

Scope and Information for Participants:

The scope of the workshop on IDS is to provide attendees with a comprehensive understanding of the malicious actors and how artificial intelligence could help to identify threats before it is too late. The workshop covers a wide range of topics, including:

  1. Datasets available to be used
  2. Machine learning algorithms used for detection
  3. The false positive and false negative problem
  4. Open-source IDS systems available

The workshop is designed to be comprehensive, covering all aspects of IDS, and is suitable for anyone who wants to learn more about IDS.

Highlight:

A collaborative Intrusion Detection System (IDS) based on blockchain technology represents a groundbreaking approach in cybersecurity. This system leverages the inherent strengths of blockchain—decentralization, immutability, and transparency—to enhance the security and reliability of intrusion detection across various nodes in a network.

In this setup, each participating node contributes to and accesses a shared ledger, where data regarding potential security threats and anomalies are recorded. Thanks to blockchain's immutable nature, once information is logged, it cannot be altered retroactively. This ensures the integrity of the data, making it trustworthy for all participants. The decentralized structure of the blockchain means there's no single point of failure, significantly increasing the system's resilience to attacks and manipulation.

Blockchain's consensus mechanisms, such as Proof of Work or Proof of Stake, ensure that all data additions to the ledger are validated collectively, preventing false data injection and enhancing the overall accuracy of the IDS. Moreover, the transparent nature of blockchain allows participants to trace and verify each record's origins, fostering trust among the nodes.

Smart contracts on the blockchain can automate responses to detected threats, improving the system's responsiveness and efficiency. While offering transparency, blockchain-based IDS can also incorporate privacy-preserving techniques, such as zero-knowledge proofs, to protect sensitive data. This innovative amalgamation of blockchain with IDS paves the way for a more secure, collaborative approach to cyber defense.



Access to Workshop:

CONF-SPML 2024 Workshop -- Portsmouth - YouTube

Venue:

Buckingham Building, University of Portsmouth, Portsmouth PO1 3HE, UK

Visa:


Welcome to GOV.UK (www.gov.uk)

We try to keep this information correct and up to date, but there may be changes which we are not aware of, and different countries have different rules for the visa application. It is always a good idea to check the latest regulations in your country. This page gives only some general information on the visa application.

UK Visa Information

What you need to do

  • Check if what you plan to do in the UK is allowed as a Standard Visitor.
  • Check you meet the eligibility requirements.
  • Check if you need to apply for a visa to visit the UK.
  • Apply for a Standard Visitor visa online - if you need one.

Check you meet the eligibility requirements

You must have a passport or travel document to enter the UK. It should be valid for the whole of your stay.

You must be able to show that:

  • you'll leave the UK at the end of your visit
  • you're able to support yourself and your dependants during your trip (or have funding from someone else to support you)
  • you're able to pay for your return or onward journey (or have funding from someone else to pay for the journey)
  • you'll not live in the UK for extended periods through frequent or successive visits, or make the UK your main home

Check if you need a visa to visit the UK

Depending on your nationality, you'll either:

  • have to apply for a Standard Visitor visa before you travel to the UK
  • be able to visit the UK for up to 6 months without needing a visa

You can check if you need a visa before you apply.

If you do not need a visa, you must still meet the Standard Visitor eligibility requirements to visit the UK. You may be asked questions at the UK border about your eligibility and the activities you plan to do.

Attend in person:

If you want to attend the workshop on-site, please email the Conference Committee: info@confspml.org.