Formal Methods for Information Protection Technology. Task 2: Mathematical Foundations, Architecture and Principles of Implementation of Multi-Agent Learning Components for Attack Detection in Computer Networks. Part 1

Abstract

This report results from a contract tasking St. Petersburg Institute for Informatics & Automation of the Russian Academy of Sciences as follows: Formal Methods for Information Protection Technology. The use of open computer networks as an environment for the exchange of information across the globe in distributed applications requires improved security measures on the network, in particular for the information resources used in applications. Integrity, confidentiality and availability of the network resources must be assured. To detect and suppress different types of unauthorized computer intrusions, modern network security systems (NSS) must be armed with various protection means and be able to accumulate experience in order to increase their ability to defend against known types of intrusions and to learn new types of intrusions.

The project will perform three main tasks:

1. Develop a mathematical model and a tool that simulates various coordinated intrusion scenarios against computer networks;
2. Develop the mathematical foundations, architecture, and principles of implementation of autonomous-software-tool technology implementing the learning system for intrusion detection;
3. Develop the fundamentals, architecture and software for the computer security system based on multi-level encoding for information protection in mass application.

Currently, scientific efforts in the network security area are undertaken mainly in the development of network defense mechanisms. Unfortunately, substantially less attention is paid to the study of the nature of intrusions and, in particular, remote distributed intrusion attempts. Neither appropriate tools for intrusion/attack simulation nor research on a formal framework for intrusion specification exists.

Document Details

Document Type: Technical Report
Publication Date: Nov 01, 2003
Accession Number: ADA426435

Entities

People

  • I. V. Kotenko

Organizations

  • Russian Academy of Sciences

Tags

Communities of Interest

  • C4I
  • Cyber
  • Energy and Power Technologies
  • Engineered Resilient Systems
  • Human Systems

DTIC Thesaurus Topics

  • Computational Science
  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computer Programs
  • Computers
  • Cybersecurity
  • Data Mining
  • Databases
  • Denial Of Service Attack
  • Detection
  • Information Processing
  • Information Science
  • Information Systems
  • Intrusion Detectors
  • Local Area Networks
  • Network Science

Fields of Study

  • Computer science

Readers

  • Academic Conference Management
  • Computer Networking
  • Cybersecurity

Technology Areas

  • Cyber