Talos: A prototype Intrusion Detection and Prevention System based on behavioral profiling

Speaker: Ashley Wood, PhD Student and VL, Computer Science
Venue: Microsoft Teams (https://bit.ly/3u2oIm6)
Date: 29/4/2021 12:00 - 13:00

Abstract

In a society and economy that is growing increasingly reliant upon IT, networks, and systems for its day-to-day activities, cyberattacks have the real potential to inflict serious damage and disruption on the critical systems and infrastructure upon which society relies. As such, cyberattacks are becoming an increasingly attractive option for cybercriminals and opportunists alike, who are seeking to develop ever more intrusive and disruptive forms of attack. This issue has been exacerbated by the continuing COVID-19 pandemic, during which entire business infrastructures have been moved online to facilitate remote working, making cyberattacks an increasingly attractive option for criminals.

In this online seminar, Ashley will introduce his PhD research and summarise the work carried out thus far. The seminar will include a brief discussion, history and overview of Intrusion Detection and Prevention technology and its present challenges, before moving on to the growing problem of malware attacks. Ashley will then discuss the previous and current malware analysis that led to his PhD research, followed by an alternative approach to Intrusion Detection and Prevention achieved through the behavioral profiling of malware variants. He will then detail the prototype Talos system, which has been developed to detect malware based on commonly occurring behaviors and features. The seminar will conclude with a discussion of the next steps in the research and how Intrusion Detection and Prevention technology may be advanced moving forward.

Speaker's Bio

Ashley is a Visiting Lecturer and a PhD student in the department of CSEEE at the University of Chester, working towards a PhD investigating Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). His PhD work thus far has aimed to identify the common challenges associated with current systems, which have resulted in the stagnation of current research. Ashley has extensive experience in malware analysis, and his previous research has focused on the analysis of several recent strains of malware/ransomware attacks, which has led to a recent publication, Wood & Eze (2020), and a further paper on utilising malware behaviours for Intrusion Detection and Prevention, Wood, Eze & Speakman (2021).
