Secure and Scalable Anomaly-Based Network Intrusion Detection

Explore secure and scalable anomaly-based network intrusion detection in this conference talk from the Hack In The Box Security Conference. Dive into the challenges of defending corporate communication networks against sophisticated malware and insider threats. Learn about a research framework implemented in Go that addresses the limitations of existing solutions, offering secure and extensible collection strategies for network traffic features. Discover how this framework provides type-safe structured data access, supports various protocols, and generates audit records in a platform-neutral format. Understand the benefits of its concurrent design, easy extensibility, and ability to work with live captures and dump files. Gain insights into the framework's functionality for creating labeled datasets for supervised machine learning. Follow along as the speaker demonstrates practical experiments using the CIC-IDS-2017 dataset, Tensorflow, and a Deep Neural Network to classify malicious behavior.