Networks and Systems Security Lab

Intrusion Detection Systems

Intrusion Detection Systems (IDS) are a cornerstone of modern cybersecurity, designed to detect, respond to, and prevent unauthorized or malicious activities across digital infrastructures. As the threat landscape evolves—driven by the proliferation of IoT devices, increased use of wireless networks, and the growing complexity of cyber-physical and cloud systems—traditional detection approaches often fall short in addressing new attack vectors, data privacy constraints, and system heterogeneity.

Our group's research in IDS focuses on advancing the state of the art through resilient, adaptive, and privacy-aware detection mechanisms. We develop novel techniques that extend beyond static rule-based systems, integrating machine learning, federated learning, and programmable system-level defenses to detect and recover from sophisticated and stealthy intrusions. Our work targets diverse environments—from industrial control systems and IoT ecosystems to wireless networks and cloud platforms—prioritizing real-world applicability and minimal system disruption.

A central theme in our research is building intelligence into the infrastructure itself, enabling systems to autonomously detect anomalies, recover from attacks, and adapt to new threats. We also contribute to the research community through the development of open datasets, empirical threat analyses, and detection frameworks that help bridge the gap between academic innovation and operational deployment.

By tackling the challenges of scalability, data imbalance, privacy preservation, and system transparency, our IDS research not only enhances the security posture of today's computing environments but also shapes the future of autonomous, trustworthy, and resilient cyber defense—contributing to both academic advancement and industry-grade solutions.

Related Publications