Real-time Visualization Tool for Distributed Intrusion Detection System Data

Award Information
Agency:
Department of Defense
Branch:
Army
Amount:
$68,669.00
Award Year:
2010
Program:
SBIR
Phase:
Phase I
Contract:
W15P7T-10-C-H603
Award Id:
97817
Agency Tracking Number:
A101-010-0218
Solicitation Year:
n/a
Solicitation Topic Code:
Army 10-010
Solicitation Number:
n/a
Small Business Information
315 Wynn Drive, Suite 1, Huntsville, AL, 35805
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
174265736
Principal Investigator:
Andrew Potter
Chief Scientist
(256) 430-0860
andrew.potter@sentar.com
Business Contact:
Sharon Yalowitz
Chief Scientist
(256) 430-0860
cassin@materials-sciences.com
Research Institution:
n/a
Abstract
Current intrusion detection systems are effective for collecting large quantities of event data, but they are inadequate for presenting information to security analysts in a useful way. Typically, to investigate a single problem, an analyst must study reams of data and devote substantial hours to writing complex custom filters; frequently critical data is distributed among multiple logs and available only on remote consoles, requiring access from multiple physical locations. To address this problem, Sentar proposes to develop a real-time visualization system, called Visual Net Defender (VND). VND aggregates, correlates, and presents data from multiple intrusion detection systems and enriches this information with data acquired through passive and active network monitoring. VND uses a multi-tier information architecture rendered in three-dimensional space, using iconography based on familiar, recognizable objects, providing details on demand, while eliminating useless noise. Within this rich interactive environment, security conditions can be contextualized in intuitive ways that go beyond signature-based detection or automated correlation, allowing the analyst to integrate macro- and micro-level knowledge seamlessly and rapidly. By enabling systems and humans to do what they do best, VND permits the analyst to maintain an in-depth understanding of the situation, resulting in better decision making, and therefore better security.

* information listed above is at the time of submission.
