IDS / IPS


Research Topics

  1. Network Intrusion Detection Systems (IPv6)
    This sub-area aims to classify normal and malicious traffic in IPv6 environments using clustering algorithms and genetic algorithms. In general, worms, malware and remote attack scripts contain certain characteristic features, that is, a signature or a particular sequence of machine instructions. Furthermore, tunneling mechanisms can be used to hide malicious code and evade firewalls or detection systems.
  2. Wireless Intrusion Detection Systems (WIDPs)
    Wireless solutions are becoming a popular way of laying out a network or enabling connectivity. However, the open medium of Wi-Fi also poses dangers from malicious machines executing attacks against nodes in the wireless network. WIDPs are needed to detect such intrusions in the wireless medium at an early stage of the attack.
  3. IDS Alert Assessments
    IDSs usually generate a large number of alerts whenever abnormal activities are detected. Inspecting and investigating all reported alerts manually is a difficult, error-prone and time-consuming task. On the other hand, ignoring those alerts might lead to successful attacks. Assessing those alerts is therefore crucial to discovering the serious alerts and threats. The goal of this area is to provide the security administrator with an effective technique to evaluate and manage alerts, thereby saving his or her time and effort.
  4. Network Worm Detection
    A computer worm is a self-replicating malware program that uses a computer network to send copies of itself to other nodes (computers on the network), often without any user intervention, by exploiting security shortcomings on the target computer. Unlike a computer virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on the targeted computer. The propagation of worms is usually stealthy, so detection in the early stages is very important.
  5. Network Malware Detection (IPv6)
    Malware is an abbreviation of malicious software and refers to any software or program that can damage data or computer systems. Based on the propagation method, malware can be classified as viruses, worms, spam and Trojans. Intelligent malware can find vulnerabilities in IPv6 networks, propagate from one IPv6 network and infect other IPv6 networks; other malware infects IPv6 networks by abusing IPv6 tunneling vulnerabilities.
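As an added example for the IDS alert assessment topic (topic 3), and not code from this page or the research group behind it, the following Python script parses constructed Snort-style alert lines, collapses repeats that share a signature, source and destination, and ranks the resulting groups. The sample alerts in SAMPLE_ALERTS, the priority weights in PRIORITY_WEIGHT and all function names are assumptions made for this illustration.

```python
import math
import re

# Constructed sample alerts in a simplified Snort "fast" alert format (not real
# captures); private-range addresses are used purely for illustration.
SAMPLE_ALERTS = """\
03/12-10:01:03.120 [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Priority: 1] {TCP} 10.0.0.5:80 -> 192.168.1.20:51234
03/12-10:01:05.300 [**] [1:2000538:4] ET SCAN NMAP -sS window 1024 [**] [Priority: 2] {TCP} 192.168.1.77:41000 -> 10.0.0.5:22
03/12-10:01:05.301 [**] [1:2000538:4] ET SCAN NMAP -sS window 1024 [**] [Priority: 2] {TCP} 192.168.1.77:41000 -> 10.0.0.5:23
03/12-10:01:05.302 [**] [1:2000538:4] ET SCAN NMAP -sS window 1024 [**] [Priority: 2] {TCP} 192.168.1.77:41000 -> 10.0.0.5:80
03/12-10:02:10.000 [**] [1:384:5] ICMP PING [**] [Priority: 3] {ICMP} 192.168.1.50 -> 10.0.0.5
"""

ALERT_RE = re.compile(
    r"^(?P<ts>\S+) \[\*\*\] \[(?P<sid>[\d:]+)\] (?P<msg>.*?) \[\*\*\] "
    r"\[Priority: (?P<prio>\d+)\] \{(?P<proto>\w+)\} "
    r"(?P<src>[\d.]+)(?::\d+)? -> (?P<dst>[\d.]+)(?::(?P<dport>\d+))?$")

# Assumed weights (Snort priority 1 is most severe); repeats add only a log bonus
PRIORITY_WEIGHT = {1: 100, 2: 30, 3: 10}

def parse_alerts(text):
    """Parse alert lines into dicts, skipping lines that do not match."""
    alerts = []
    for line in text.splitlines():
        m = ALERT_RE.match(line)
        if m:
            alerts.append(m.groupdict())
    return alerts

def aggregate(alerts):
    """Collapse alerts that share (signature id, source, destination)."""
    groups = {}
    for a in alerts:
        g = groups.setdefault((a["sid"], a["src"], a["dst"]),
                              {**a, "prio": int(a["prio"]), "count": 0, "dports": set()})
        g["count"] += 1
        if a["dport"]:
            g["dports"].add(int(a["dport"]))
    return list(groups.values())

def score(group):
    # A flood of low-priority noise cannot outrank a single critical alert.
    return PRIORITY_WEIGHT.get(group["prio"], 1) * (1 + math.log(group["count"]))

def rank_alerts(text):
    """Return aggregated groups, most urgent first, each with a 'score' key."""
    groups = aggregate(parse_alerts(text))
    for g in groups:
        g["score"] = round(score(g), 1)
    return sorted(groups, key=lambda g: g["score"], reverse=True)
```

Calling rank_alerts(SAMPLE_ALERTS) reduces the five raw alerts to three groups, with the single priority 1 "id check returned root" alert ranked above the three-port scan and the ping.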