Intelligent Security Console Architecture

Abstract

This report addresses the design of an Intelligent Security Console equipped with data mining over Intrusion Detection Message Exchange Format (IDMEF) objects for the DARPA Ultra*Log Program. It supports the scalable Monitoring and Response security console architecture. The data mining capability requires scalable message management, which has been ensured by incorporating an XML database (eXist). The security console is used to query for IDMEF alerts generated across the society by various sensors (including COTS). The results are shown as a tree whose structure corresponds to the hierarchy of security communities, which obtain the society's status through queries and alert messages. The latest version (4.1) of the security console is designed to mine frequent patterns in intrusion attacks, with an XML repository for collecting and organizing alerts and event messages. This ensures scalability and organized storage of voluminous information over a period of time.

Document Details

Document Type
Technical Report
Publication Date
Oct 01, 2005
Accession Number
ADA440573

Entities

People

  • Dipankar Dasgupta

Organizations

  • University of Memphis

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Classification
  • Communication Channels
  • Data Mining
  • Databases
  • Detection
  • Detectors
  • Graphical User Interface
  • Hierarchies
  • Identification
  • Information Science
  • Intrusion
  • Operating Systems
  • Statistical Analysis
  • Storage
  • Three Dimensional
  • User Interface

Fields of Study

  • Computer science

Readers

  • Aerospace Engineering
  • Computer Networking
  • Sensor Fusion and Tracking Systems

Technology Areas

  • AI & ML