USA flag logo/image

An Official Website of the United States Government

Real Time Intrusion Detection in High-Speed Data Streams

Award Information

Agency:
Department of Defense
Branch:
Army
Award ID:
57976
Program Year/Program:
2002 / SBIR
Agency Tracking Number:
A012-1235
Solicitation Year:
N/A
Solicitation Topic Code:
N/A
Solicitation Number:
N/A
Small Business Information
Scientific Systems Company, Inc
500 West Cummings Park - Ste 3000 Woburn, MA -
View profile »
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2002
Title: Real Time Intrusion Detection in High-Speed Data Streams
Agency / Branch: DOD / ARMY
Contract: DAAD17-02-C-0023
Award Amount: $120,000.00
 

Abstract:

"We propose to investigate a methodology for designing hybrid(network-based and host-based) Intrusion Detection Systems (IDSs) foroperation at the OC-12 range and above. The scheme is centered on theapplication of Statistical Pattern Recognition methods for producingcomputationally cheap, yet effective detection rules to be programmedin dedicated co-processors. The effort addresses the challenges inthe development of network-based IDSs posed by the unabated increasein network capacity, and the arise of multi-stage attacks involvinghost infiltration followed by network scanning and automatedpacket-flooding. Current schemes for coping with increasing linkspeed rely on packet subsampling and/or reduction of the signatureset, resulting on substantial reduction in accuracy. In contrast, ourmethod offers a flexible alternative with no reduction of detectionrate, that can also be easily reprogrammed for new attacks. Theinclusion of host-based features allows the detection of multi-stageattacks. The statistical nature of the approach is compatible withIPSEC, as packet encryption preserves the features used for ruleconstruction. Aprisma Inc. (manufacturer of SPECTRUM) will provideconsulting in network management and security. Design and evaluationof algorithms will utilize an extensive data set collected by MCNC ona Gigabit Ethernet. MCNC group will also provide consulting inadvanced hardware. Prof. Wenke Lee from Georgia Tech will serv

Principal Investigator:

Joao B.D. Cabrera
Research Engineer
7819335355
cabrera@ssci.com

Business Contact:

Raman K. Mehra
President
7819335355
rkm@ssci.com
Small Business Information at Submission:

Scientific Systems Co., Inc.
500 West Cummings Park, Suite 3000 Woburn, MA 01801

EIN/Tax ID: 043053085
DUNS: N/A
Number of Employees:
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No