Automated Intrusion Detection for GCCS LES
Small Business Information
8229 Boone Blvd, Suite 750, Vienna, VA, 22182
Abstract
Arca Systems proposes to initiate the design and development of an intrusion detection system for the GCCS LES (and similar environments). Many current intrusion detection tools are Unix-based and focus on a single host or on a generally homogeneous distributed environment. The notional GCCS LES environment makes extensive use of distributed architecture, with support from the COTS technologies DCE and CORBA. The concepts of users, permissions, identification and authentication, and audit, which are central to existing intrusion detection tools, may vary significantly in the GCCS LES. Arca Systems proposes to identify a class of detectable intrusions in the GCCS LES and to determine which data items need to be analyzed to detect such intrusions. This analysis will be performed both by porting existing intrusion detection tools to the GCCS LES environment and by extending and modifying those tools. These tools will be developed to the robust prototype stage.
* information listed above is at the time of submission.