Active Filtering and Adaptive Reconfiguration Technologies for Real Time Intrusion Detection in High Speed Data Streams

Award Information
Agency:
Department of Defense
Branch:
Army
Amount:
$730,000.00
Award Year:
2003
Program:
SBIR
Phase:
Phase II
Contract:
DAAD17-03-C-0108
Award Id:
57976
Agency Tracking Number:
A012-1235
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
SCIENTIFIC SYSTEMS CO., INC. (Currently Scientific Systems Company, Inc.)
500 West Cummings Park, Suite 3000, Woburn, MA, 01801
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
859244204
Principal Investigator:
Joao Cabrera
Group Leader- Info. & Com
(781) 933-5355
cabrera@ssci.com
Business Contact:
Raman Mehra
President and CEO
(781) 933-5355
rkm@ssci.com
Research Institution:
n/a
Abstract
The overall objective of the proposed Phase II effort is the development and evaluation of a Reconfigurable Intrusion Detection System (RIDS) for real time operation in high-speed data streams (OC-12 and above). The Phase I effort developed and validated a comprehensive cost model for designing real time intrusion detection systems, which capture the design trade-offs involving the computational time of the detection rules, the accuracy of the rules, the hostility level of the environment and the damage costs/false alarm costs of the attacks. The development of RIDSs in Phase II combines: (1) advances in algorithm design centered on optimization theory, allowing for the adaptive reconfiguration of the intrusion detection rule sets; (2) the ability of performing firewall-like actions (active filtering) based on the cost model; (3) communication with SNMP-based Network Management Systems (NMSs), for exchange of parameters related to the cost model; (4) hardware implementation for operation at Gigabitps speeds. Georgia Tech will provide support in algorithm design and evaluation at the 100 Mbitps range. MCNC will lead the project tasks related to demonstrating the scalability of the algorithms into the OC-12 and above range. Aprisma Management Technologies (manufacturer of the SPECTRUM NMS suite) will support the integration and commercialization of the Reconfigurable Intrusion Detection System and the SPECTRUM NMS suite.

Protecting institutional networks from attacks accounts for about 25 billion US dollars each year. It is estimated that 95 percent of the DoD communications pass through the National Information Infrastructure (NII) at some point. The proposed technology has the potential to provide the NII with a robust, real time defense line against general classes of security violations against its backbone and high-speed links.

* information listed above is at the time of submission.
