'CSCAN Network' Research Student Profile

Home People Profile...

Mr Denis Hock

Research Student

Brief biographical information

dehock@fb2.fra-uas.de

Network Anomaly Detection

Due to the paramount economic and social importance, the protection of IP-based networks and associated devices is an increasingly important matter. In recent years, IT-systems and their underlying networks have pervaded business and private life and are ubiquitously used in virtually every area. Lately, these systems are often subject of malicious software attacks that aim to cause damage to users and may affect the functions of devices and network. Network intrusions can cause lost revenue, damage to the reputation or damage to information systems while critical processes and sensitive data depend upon the security of these systems.A countermeasure to detect malicious network traffic on time are Intrusion Detection Systems (IDS). However, traditional IDS require extensive knowledge of attack signatures and are not capable of detecting new attacks due to the time lag between publication and implementation of an attack signature. For these reasons, the interest in Anomaly Detection Systems, that discover statistical deviations from normal behaviour, increased in recent years. A major advantage of Anomaly Detection is its ability to detect even unknown and new attacks.
This project wants to utilize modern anomaly detection methods to reveal malicious network traffic. Following our previous research on topics such as metrics for anomaly detection and majority voting to adjust IDS models with different replacement algorithms, we analyse phenomenons such as concept drift and traffic time series in changing environments with a focus on the underlying protocols and applications to discover methods with the capability to decrease the error rate and increase the discovery rate of current state of the art network anomaly detection systems

Mr Denis Hock

Director of studies: Prof. Dr Martin Kappes
Other supervisors: Prof. Dr Matthias Wagner, Dr Bogdan Ghita

Journal papers

A Self-Learning Network Anomaly Detection System using Majority Voting
Hock D, Kappes M
Proceedings of the Tenth International Network Conference (INC 2014), Plymouth, UK, July 8-9, pp59-69, ISBN: 978-1-84102-373-1, 2014
Can be ordered on-line.
More details | Download PDF

1 Journal papers

1 publication(s) - all categories.