Course Number: 695.642
Next Offered: Summer 2022
Primary Program: Cybersecurity
Location: Online
Mode of Study: Online

This course explores the use of network- and host-based intrusion detection systems (IDS) as part of an organization’s overall security posture. A variety of approaches, models, analyses, and algorithms, along with the practical concerns of deploying IDS in an enterprise environment, will be discussed. Topics include the products, architectures, and components of IDS, host- and network-based IDS, network analysis, IDS technologies, machine learning, Linux firewall iptables, and Tor networking. The use of ROC (receiver operating characteristic) curves to discuss false positives, false negatives, precision-recall graphs, and missed-detection trade-offs, as well as discussions of current research topics, will provide a comprehensive understanding of when and how IDS can complement host and network security. A variety of IDS tools will be used to collect and analyze potential attacks, including OSSEC, Tripwire, Snort, Suricata, Neo4j, Zeek (the new name for Bro), Keras, and RapidMiner. The course will use virtual machines in labs and assignments to provide hands-on experience with IDS, including using test data to quantitatively compare different IDSs.

Course Prerequisite(s)

EN.695.641 Cryptology

Course Offering(s)

Open

Intrusion Detection

695.642.81
05/31/2022 - 08/23/2022
Semester: Summer 2022
Mode of Study: Online
Location: Online
Cost: $4,920.00
Textbook: TBD