Agent Enabled Advanced Intrusion Detection System

Agent Enabled Advanced Intrusion Detection System (AEA-IDS) Phase I provided insight into the latest research, tools, and products available to protect mission critical systems. The proposed Phase II project, will build on this research to address several critical CNO technology gaps identified by National Security Agency (NSA) and applicable to systems like GMD: CNO sensor improvements CNO situational awareness Detection of novel attacks Active network defense In Phase II, Sentar will: Select two or more candidate IDS/IPS technologies and develop an initial prototype to demonstrate the functionality on a representative network. Integrate with intelligent software agents and develop model based profiling. Test the integrated IDS/IPS in a lab environment and prepare the solution for future SIL testing and insertion into the GMD operational environment. The proposed AEA-IDS sensors and developed functionality integrates directly to an existing Phase II project titled, Work-Centered Interface for Computer Network Defense (WCI-CND). The expectation is that an AEA-IDS Phase II project will demonstrate how the selected IDS/IPS will work within the established WCI-CND system to provide a level of system and network security that is not available commercially or available from existing security projects within the government.