Aims to develop protocols and application programming interfaces so that intrusion detection research projects can share information and resources and so that intrusion detection components can be reused in other systems.
Four examples of how we are applying ideas from immunology to today's computer security problems are a host based intrusion-detection method, a network based intrusion-detection system, a distributable change-detection algorithm, and a method for inte...
SRI International's EMERALD (Event Monitoring Enabling Responses to Anomalous Live Disturbances) research project is a distributed scalable tool suite for tracking malicious activity through and across large networks.
A case study/research paper providing detailed analysis of several anomalous network events to illustrate the techniques for examining alerts and logs generated by a network intrusion detection system.
Information Assurance focusing on techniques for detecting and reacting to intrusions into networked information systems. We have coordinated several evaluations of computer network intrusion detection systems.
This project is a data-mining based approach to detecting intruders in computer systems. The project approaches the intrusion detection problem from a data-mining perspective. Large quantities of data are collected from the system and analyzed to buil...
Anomaly Detection in Database Systems, Common Intrusion Detection Framework, Intrusion Detection and Isolation Protocol / IDIP, Intrusion Detection for Large Networks, Misuse Detection and Workshop for Intrusion Detection and Response Data Sharing.