Innovative Intrusion Detection System for Host Computers

"Current host-based intrusion detection systems are mostly based on attack signatures and are unreliable for detecting insider and/or new attacks and they create too many false positives so that administrators become complacent about potential securityrisks. The opportunity exists to build hierarchical statistical models for host-based intrusion detection systems that will perform deviation detection within information systems while minimizing false alarms. The system is based on the creation of abehavior dictionary for accurate monitoring of deviations. It has three innovative key components. They are: (1) new algorithms for extracting a behavior dictionary from system call data. (2) a statistical model for command names and parameters sequenceand (3) an information fusion system based on artificial intelligence techniques for fusing the detection signals generated from different levels of operation data. Tests using the DARPA Intrusion Detection Evaluation data hosted at the MIT LincolnLaboratory have been very successful. Xfinit's Intrusion Detection System will serve financial institutions, large corporations and government agencies. They will benefit from tighter security that is simple and easy to manage. Xfinit has a unique solutionthat will enhance internal security and will create trust mechanisms between outsourcing partners. With tighter security, companies and organizations will be able to take advantage of cost saving s