Mahbod Tavallaee's website

Mahbod Tavallaee

Dr. Mahbod Tavallaee is an IT Security Consultant in the Information & Technology Risk Solutions group in Deloitte. He possesses over 6 years of experience in Networking and IT security. During the past 4 years, Mahbod has been heavily involved in the design, implementation and deployment of Security Information and Event Management (SIEM) Solutions. He started his collaboration with Q1Labs Company as a researcher in September 2007, and joined Deloitte in September 2010 as a security consultant to assist organizations in the implementation and deployment of ArcSight and Q1 Labs' SIEM Solutions.

Network Intrusion Detection and Prevention

Dr. Tavallaee is the coauthor of the book “Network Intrusion Detection and Prevention: Concepts and Techniques” which is published by Springer and has been available on Amazon since October 2009 (ISBN: 978-0-387-88770-8).

The book "Network Intrusion Detection and Prevention: Concepts and Techniques" provides detailed and concise information on different types of attacks, theoretical foundation of attack detection approaches, implementation, data collection, evaluation, and intrusion response. Additionally, it provides an overview of some of the commercially/publicly available intrusion detection and response systems.

The book "Network Intrusion Detection and Prevention: Concepts and Techniques" is designed for researchers and practitioners in industry. This book is suitable for advanced-level students in computer science as a reference book as well.

ISCX 2012 IDS Evaluation Dataset

The goal of the ISCX 2012 dataset is to develop new techniques, technology, and algorithms for the automatic generation of benchmark datasets. The dataset has been created by security researchers at ISCX including Ali Shiravi, Hadi Shiravi, and Mahbod Tavallaee. The dataset is meant to aid research efforts in the general areas of developing, testing and evaluating algorithms for intrusion detection and anomaly detection. The Information Security Centre of Excellence has copyright on the data and is the principal distributor of the ISCX 2012 dataset.

The Information Security Centre of Excellence (ISCX) 2012 intrusion detection evaluation dataset consists of labeled network traces, including full packet payloads, which along with the relevant profiles are publicly available to researchers by applying at http://iscx.ca/dataset-request-form. A full description of the evaluation dataset can also be found at http://www.iscx.ca/datasets .