Detecting Intrusion from Network Anomalies (DINA)
Department of Commerce
National Institute of Standards and Technology
Agency Tracking Number:
Solicitation Topic Code:
Small Business Information
Michigan Aerospace Corporation
1777 Highland Dr., Suite B, Ann Arbor, MI, 48108
Socially and Economically Disadvantaged:
AbstractThis proposal introduces the Detecting Intrusion from Network Anomalies (DINA) system, which uses data mining tools to automatically detect anomalous behaviors that can be related to undesired intrusion and/or attacks upon computer networks, as well as other use patterns which may indicate behaviors which are non-hostile but still problematic. The application will make use of Ensembles of Decision Trees (EDTs) to mine the data and detect those anomalous behaviors. The system will utilize a Relational Database (RDBMS)/Data Warehouse (DW) Architecture that can be used to build, manage, deploy, score, and detect anomalies, all within the database. The model and approach described in this proposal will be adopted to build a prototype using the capabilities of a number of open-source products. Moreover, the system will provide crucial visualization tools aimed at helping users diagnose performance issues and understand communication patterns between nodes.
* information listed above is at the time of submission.