Detecting Intrusion from Network Anomalies (DINA)

Award Information
Agency: Department of Commerce
Branch: National Institute of Standards and Technology
Contract: SB1341-08-SE-0676
Agency Tracking Number: 909-08
Amount: $89,608.00
Phase: Phase I
Program: SBIR
Awards Year: 2008
Solicitation Year: N/A
Solicitation Topic Code: N/A
Solicitation Number: N/A
Small Business Information
Michigan Aerospace Corporation
1777 Highland Dr., Suite B, Ann Arbor, MI, 48108
DUNS: N/A
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 John Trenkle
 (510) 525-8667
 jmtrenkle@yahoo.com
Business Contact
Phone: () -
Research Institution
N/A
Abstract
This proposal introduces the Detecting Intrusion from Network Anomalies (DINA) system, which uses data mining tools to automatically detect anomalous behaviors that can be related to undesired intrusion and/or attacks upon computer networks, as well as other use patterns which may indicate behaviors which are non-hostile but still problematic. The application will make use of Ensembles of Decision Trees (EDTs) to mine the data and detect those anomalous behaviors. The system will utilize a Relational Database (RDBMS)/Data Warehouse (DW) Architecture that can be used to build, manage, deploy, score, and detect anomalies, all within the database. The model and approach described in this proposal will be adopted to build a prototype using the capabilities of a number of open-source products. Moreover, the system will provide crucial visualization tools aimed at helping users diagnose performance issues and understand communication patterns between nodes.

* information listed above is at the time of submission.

Agency Micro-sites

US Flag An Official Website of the United States Government