Extremely Lightweight Intrusion Detection (ELIDe)

Abstract

The need to provide network protection and monitoring extends beyond defending conventional wired computing infrastructures to mobile ad-hoc networks. This need motivates the research and development of network defense methodologies and technologies that are applicable in a tactical environment in which resources are constrained and topologies are dynamic. The project documented by this technical report makes the contribution of prototyping a packet analysis tool named Extremely Lightweight Intrusion Detection (ELIDe) with the capability to approximate Snort-like signature matching against the inbound and outbound network traffic of a single host, while requiring less than 2% of the peak memory footprint demanded by Snort. This economy of resources makes ELIDe suitable for operation in a constrained environment, such as a tactical network that cannot support a more conventional solution like Snort.

Document Details

Document Type: Technical Report
Publication Date: Dec 01, 2013
Accession Number: ADA592893

Entities

People

  • Garrett S. Payer
  • Raymond J. Chang
  • Richard E. Harang

Organizations

  • United States Army Research Laboratory

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Ad Hoc Networks
  • Command And Control
  • Computers
  • Data Sets
  • Detection
  • Detectors
  • Environment
  • Field Programmable Gate Arrays
  • Information Science
  • Intrusion
  • Intrusion Detection
  • Machine Learning
  • Mesh Networks
  • Mobile Operating Systems
  • Networks
  • Operating Systems
  • Tactical Networks

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity
  • Systems Analysis and Design