
Intrusion detection systems (IDS) generate vast amounts of information about the attacks occurring on our networks. However, this data is often not optimally utilized. Networks are viewed and defended in isolation from one another, making the identification of large-scale distributed or coordinated attacks extremely difficult. By viewing IDS distributed across networks as a web of sensors reporting on the activity they are seeing, we attempt to reorganize this data such that the activities of the attackers are made clear. This provides a "strategic view" of the attacks occurring, creating a more easily understood picture of the actions and goals of the attackers.
A combination of techniques from the realms of radar tracking, machine learning, and sensor fusion allows us to model and track the behavior of attackers across networks. This is done with the goals of early detection of distributed, coordinated attacks and of providing the security analyst with a better vantage point from which to defend the network.
A graduate of the University of Central Florida, Daniel J. Burroughs is currently completing his PhD at Dartmouth College under the direction of Profs. George Cybenko and Linda Wilson. His research interests include distributed systems, intrusion detection and computer security.