Active Filtering and Adaptive Reconfiguration Technologies for Real Time Intrusion Detection in High Speed Data Streams

Award Information
Agency: Department of Defense
Branch: Army
Contract: DAAD17-03-C-0108
Agency Tracking Number: A012-1235
Amount: $730,000.00
Phase: Phase II
Program: SBIR
Awards Year: 2003
Solicitation Year: N/A
Solicitation Topic Code: N/A
Solicitation Number: N/A
Small Business Information
SCIENTIFIC SYSTEMS CO., INC.
500 West Cummings Park, Suite 3000, Woburn, MA, 01801
DUNS: 859244204
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Joao Cabrera
 Group Leader- Info. & Com
 (781) 933-5355
 cabrera@ssci.com
Business Contact
 Raman Mehra
Title: President and CEO
Phone: (781) 933-5355
Email: rkm@ssci.com
Research Institution
N/A
Abstract
The overall objective of the proposed Phase II effort is the development and evaluation of a Reconfigurable Intrusion Detection System (RIDS) for real time operation in high-speed data streams (OC-12 and above). The Phase I effort developed and validated a comprehensive cost model for designing real time intrusion detection systems, which capture the design trade-offs involving the computational time of the detection rules, the accuracy of the rules, the hostility level of the environment and the damage costs/false alarm costs of the attacks. The development of RIDSs in Phase II combines: (1) advances in algorithm design centered on optimization theory, allowing for the adaptive reconfiguration of the intrusion detection rule sets; (2) the ability of performing firewall-like actions (active filtering) based on the cost model; (3) communication with SNMP-based Network Management Systems (NMSs), for exchange of parameters related to the cost model; (4) hardware implementation for operation at Gigabitps speeds. Georgia Tech will provide support in algorithm design and evaluation at the 100 Mbitps range. MCNC will lead the project tasks related to demonstrating the scalability of the algorithms into the OC-12 and above range. Aprisma Management Technologies (manufacturer of the SPECTRUM NMS suite) will support the integration and commercialization of the Reconfigurable Intrusion Detection System and the SPECTRUM NMS suite. Protecting institutional networks from attacks accounts for about 25 billion US dollars each year. It is estimated that 95 percent of the DoD communications pass through the National Information Infrastructure (NII) at some point. The proposed technology has the potential to provide the NII with a robust, real time defense line against general classes of security violations against its backbone and high-speed links.

* information listed above is at the time of submission.
