Luciano Argento

Research Abstract

Nowadays it is hard to find an organisation which does not invest substantial resources to take its business over the Internet. Online business has several advantages such as cutting costs and the ability of doing business 24 hours, but also very important disadvantages, like security threats. Each of these organisations must take into account an astonishing number of malicious activities which aim at exfiltrating sensitive data or disrupting services. Many protection techniques have been employed until now to frustrate such threats but none of them has proven to be the definitive solution, so security administrators have started to combine these techniques in order to build strong defences. One of the most important protection techniques against network attacks are intrusion detection systems or IDSs. IDSs are typically employed in a network organisation or in a single system to improve its security. The main goal of an IDS is to provide a monitoring tool for events that could be potential or real security incidents , in other words, violation of security policies. My main research activities have been about the study and development of data mining techniques for intrusion detection which are able to achieve satisfactory performance, especially when it comes to detect known and unknown threats and to recognise correctly, as much as possible, legitimate traffic.