Intrusion Detection and Event Management

Instructor(s): Dr. Baltatzis Dimitrios
Teaching Hours and Credit Allocation: 30 Hours, 6 Credits
Course Assessment: Exam & Coursework

 

Aims: This course provides a detailed examination of intrusion detection systems, combining theory with hands-on labs. Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of computer security policies, acceptable use policies, or standard security practices. The main goal of an intrusion detection system is to recognize potential incidents.

Content

  • IDS Presentation, SO installation
  • Planning Collection of Network data
  • Network Data Types
  • Network Detection – IOC - Signatures - Snort
  • Anomaly Based Detection - Bro
  • NoSQL DB - Elastic Stack
  • Host Based Intrusion Detection
  • Honeypots – Packet Analysis