OSTI.GOV · U.S. Department of Energy, Office of Scientific and Technical Information

Title: HPNAIDM: The High-Performance Network Anomaly/Intrusion Detection and Mitigation System

Technical Report · DOI: https://doi.org/10.2172/1108982 · OSTI ID: 1108982

Identifying traffic anomalies and attacks rapidly and accurately is critical for large network operators. With the rapid growth of network bandwidth, such as the next generation DOE UltraScience Network, and the fast emergence of new attacks, viruses and worms, existing network intrusion detection systems (IDS) are insufficient because they:

• Are mostly host-based and not scalable to high-performance networks;
• Are mostly signature-based and unable to adaptively recognize flow-level unknown attacks;
• Cannot differentiate malicious events from unintentional anomalies.

To address these challenges, we proposed and developed a new paradigm called the high-performance network anomaly/intrusion detection and mitigation (HPNAIDM) system. The new paradigm differs significantly from existing IDSes in the following features (research thrusts):

• Online traffic recording and analysis on high-speed networks;
• Online adaptive flow-level anomaly/intrusion detection and mitigation;
• Integrated approach for false positive reduction.

Our research prototype and evaluation demonstrate that the HPNAIDM system is highly effective and economically feasible. Beyond satisfying the pre-set goals, we exceeded them significantly (see more details in the next section). Overall, our project produced 23 publications (2 book chapters, 6 journal papers and 15 peer-reviewed conference/workshop papers). In addition, we built a website for technique dissemination, which hosts two system prototype releases for the research community. We also filed a patent application and developed strong international and domestic collaborations spanning both academia and industry.

Research Organization: Northwestern Univ., Evanston, IL (United States)
Sponsoring Organization: USDOE
DOE Contract Number: FG02-05ER25692
OSTI ID: 1108982
Report Number(s): DOE-NORTHWESTERN-25692-3
Country of Publication: United States
Language: English

Similar Records

Security Evaluation of Two Intrusion Detection Systems in Smart Grid SCADA Environment
Conference · Sat Sep 01 00:00:00 EDT 2018 · 2018 North American Power Symposium (NAPS) · OSTI ID:1108982

Large-scale Computing Distributed Intrusion Detection
Technical Report · Mon Dec 02 00:00:00 EST 2019 · OSTI ID:1108982

Profile-based adaptive anomaly detection for network security.
Technical Report · Tue Nov 01 00:00:00 EST 2005 · OSTI ID:1108982