OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Large-Scale Intelligent Intrusion Detection System

Abstract

An effective and practical cybersecurity tool is needed to provide cybersecurity monitoring, situational awareness, reporting, intrusion prevention, and remediation in high performance computing (HPC) facilities, centers, infrastructure, or resources. This tool should provide an intelligent shield to fend off new-generation cyberattacks and secure HPC facilities, infrastructure, and large-scale systems. To address this need, Physical Optics Corporation (POC) has completed a Phase I SBIR project, Large-Scale Intelligent Intrusion Detection (LSIID) system. LSIID is based on integration of risk-based analysis using Markov decision processes (MDPs), a Bayesian inference model, unsupervised and supervised machine learning techniques, an intelligent intrusion detection decision mechanism using historical and time information, and the existing Bro intrusion detection system’s event managing engine. This combination provides the artificial intelligence (AI) needed to detect and mitigate both known and new cyberattacks in HPC networks and hosts. During Phase I, a large-scale intelligent intrusion detection system architecture, framework design, and algorithms were developed. The feasibility of the approach was demonstrated by assembling, testing, and evaluating a technology readiness level (TRL)-4 prototype. Test and evaluation results demonstrated the capability of LSIID to defend HPC systems against known and new attacks in real time, resulting in a powerful intelligent large-scale intrusion detection/protection system. Plans were also devised for enhancement of intrusion detection/protection capabilities of LSIID and its integration with HPC systems in Phase II.

Authors:
 [1]
  1. Physical Optics Corporation, Torrance, CA (United States). Applied Technologies Division
Publication Date:
Research Org.:
Physical Optics Corporation, Torrance, CA (United States)
Sponsoring Org.:
USDOE Office of Science (SC)
OSTI Identifier:
1415488
Report Number(s):
DOE-POC-0017194
10014
DOE Contract Number:  
SC0017194
Type / Phase:
SBIR (Phase I)
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
42 ENGINEERING; 96 KNOWLEDGE MANAGEMENT AND PRESERVATION; 97 MATHEMATICS AND COMPUTING; Cybersecurity; Intrusion Detection; Intrusion Protection; High Performance Computing; High Bandwidth Network

Citation Formats

Milovanov, Alexander. Large-Scale Intelligent Intrusion Detection System. United States: N. p., 2018. Web.
Milovanov, Alexander. Large-Scale Intelligent Intrusion Detection System. United States.
Milovanov, Alexander. Wed . "Large-Scale Intelligent Intrusion Detection System". United States.
@article{osti_1415488,
title = {Large-Scale Intelligent Intrusion Detection System},
author = {Milovanov, Alexander},
abstractNote = {An effective and practical cybersecurity tool is needed to provide cybersecurity monitoring, situational awareness, reporting, intrusion prevention, and remediation in high performance computing (HPC) facilities, centers, infrastructure, or resources. This tool should provide an intelligent shield to fend off new-generation cyberattacks and secure HPC facilities, infrastructure, and large-scale systems. To address this need, Physical Optics Corporation (POC) has completed a Phase I SBIR project, Large-Scale Intelligent Intrusion Detection (LSIID) system. LSIID is based on integration of risk-based analysis using Markov decision processes (MDPs), a Bayesian inference model, unsupervised and supervised machine learning techniques, an intelligent intrusion detection decision mechanism using historical and time information, and the existing Bro intrusion detection system’s event managing engine. This combination provides the artificial intelligence (AI) needed to detect and mitigate both known and new cyberattacks in HPC networks and hosts. During Phase I, a large-scale intelligent intrusion detection system architecture, framework design, and algorithms were developed. The feasibility of the approach was demonstrated by assembling, testing, and evaluation of a technology readiness level (TRL)-4 prototype. Test and evaluation results demonstrated the capability of LSIID to defend HPC systems against known and new attacks in real time, resulting in a powerful intelligent large-scale intrusion detection/protection system. Plans were also devised for enhancement of intrusion detection/protection capabilities of LSIID and its integration with HPC systems in Phase II.},
doi = {},
journal = {},
number = {},
volume = {},
place = {United States},
year = {2018},
month = {1}
}

Technical Report:
This technical report may be released as soon as January 3, 2022
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that may hold this item. Keep in mind that many technical reports are not cataloged in WorldCat.