WISTA direkt
Search

News

07. June 2010

Pavel Laskov, Ph.D

Project head in the Intelligent Data Analysis department at the Fraunhofer Institute for Computer Architecture and Software Technology FIRST

Pavel Laskov was born in 1971 in Moscow/Russia and obtained his first degree in Computer and System Engineering in 1994 at the Moscow Institute of Radio, Electronics and Automation. He then spent the next seven years in the USA where he took his Master of Science and Ph.D. in Computer Science at the University of Delaware.

Since 2001 he has been working at the Fraunhofer Institute for Computer Architecture and Software Technology FIRST in Berlin-Adlershof as project head in the Intelligent Data Analysis department.

In April 2009 he was awarded a Heisenberg fellowship by the German Research Foundation which now allows him to pursue further activities at the Wilhelm Schickard Institute for Computer Science at the University of Tübingen.

His current research topics

Pavel Laskov develops methods of machine learning for IT security. He was head of the MIND (Machine Learning for Intrusion Detection) project funded by the Federal Ministry of Education and Research.

The project uses methods of machine learning to extract patterns indicating attacks, attempted misuse or security violations from the huge data flood of Internet traffic. Classification methods are used which assign data to various categories, each with its own characteristic pattern. The project differentiates between “normal” and “anomalous” packets. Anomalies are recognized because they occur less frequently and have an unusual appearance. The particular strength of the learning method is that it can also recognize previously unknown forms of attack with a very low rate of false alarms.

The work will be continued in the ReMIND project which concludes in 2010 and puts its focus on real-time identification of attacks.

Picture: When placed in a suitable geometric space, sophisticated hacker attacks and complex network packets appear as red and green dots. Special methods of comparing network events enable malicious network packets to be easily distinguished from normal packets due to their geometric characteristics so they can be blocked in real time.

Contact: Pavel. Laskov, Ph.D., e-mail: pavel.laskov(at)first.fraunhofer.de, tel.: +49 (0) 30 6392-1879, www.first.fraunhofer.de