Research Projects

  • Information Security
    1. A Framework for Improving the Performance of Signature-based Network Intrusion Detection Systems
    September 2013-April 2014 (Completed)

    Network intrusion detection systems (NIDSs) have been widely deployed in different network environments (e.g., banks, schools) to defend against a variety of network attacks (e.g., Trojans, worms). Generally, network intrusion detection systems can be classified into two categories: signature-based NIDSs and anomaly-based NIDSs. In real-world applications, signature-based detection is more prevalent than anomaly-based detection, as the false alarm rate of the former is much lower than that of the latter. However, we identify three major issues that can greatly affect the performance of a signature-based NIDS.

    2. An Object-Oriented Information Security Model for Organizations
    February 1999-April 2000 (Completed)

    Organizations with information security concerns often reveal that the fundamental vulnerabilities lie not with the emerging technology but rather with the lack of an information security infrastructure and its associated documentation within the organization. The Risk Data Repository (RDR) software provides a means to document the organizational information security and to facilitate the conduct of the risk analysis. On the basis of the experience gained with the existing RDR prototype, an enhanced system with greater automation of the risk analysis studies, essential for more comprehensive information security systems, is proposed. In particular, the model will be reformulated on an object-oriented basis to provide a more comprehensive and versatile model with minimum software development costs. This project thus aims to develop an object-oriented RDR tool to enable the development and implementation of an effective information security management process in organizations. The ability to model the organizational information security in an object-oriented manner will enable security officers to comprehensively model the system, automatically explore its risk scenarios and extract security-relevant data in multimedia formats. Such a model will be a powerful tool for security managers and security auditors.