Intrusion Detection

May 1, 2002 - August 1, 2004

Our vision of an intrusion detection system is one where the "system" encompasses the entire enterprise and where intrusion detection is a distributed and collaborative process involving the entities within the enterprise. We view an entity as any computational device, including computers, servers, switches, and routers. Intrusion detectors comprise both anomaly and signature detectors that communicate with each other. We have initiated work toward realizing our vision and have achieved positive results by using a two-stage process for host-based anomaly detection.

We conduct IDS-related research in wired, mobile ad hoc, wireless, and sensor network environments.

intrusion detection, ontology, semantic web

Students

  1. Jim Parker

Faculty

  1. John Pinkston

Publications

2003

  1. A. Joshi, "Data Mining, Semantics and Intrusion Detection: What to dig for and Where to find it", InBook, Next Generation Data Mining, December 2003, 2 citations.
  2. S. Avancha, J. Undercoffer, A. Joshi, and J. Pinkston, "Secure Sensor Networks for Perimeter Protection", Article, Computer Networks, November 2003, 3824 downloads, 30 citations.
  3. J. Undercoffer, F. Perich, A. Cedilnik, L. Kagal, and A. Joshi, "A Secure Infrastructure for Service Discovery and Access in Pervasive Computing", Article, ACM Monet: Special Issue on Security in Mobile Computing Environments, October 2003, 4706 downloads, 44 citations.
  4. J. Undercoffer, A. Joshi, T. Finin, and J. Pinkston, "Using DAML+OIL to classify intrusive behaviours", Article, Knowledge Engineering Review, September 2003, 1586 downloads, 3 citations.
  5. J. Pinkston, J. Undercoffer, A. Joshi, and T. Finin, "A Target-Centric Ontology for Intrusion Detection", InProceedings, Proceedings of the IJCAI-03 Workshop on Ontologies and Distributed Systems, July 2003, 1894 downloads, 150 citations.
  6. A. Joshi, "On Web, Semantics, and Data Mining: Intrusion Detection as a Case Study", InProceedings, Proceedings of the NSF Workshop on Next Generation Data Mining, May 2003, 3633 downloads, 4 citations.
  7. A. Joshi, J. Undercoffer, and H. Shah, "Fuzzy Clustering for Intrusion Detection", InProceedings, Proceedings of the 12th IEEE International Conference on Fuzzy Systems, April 2003, 254 downloads, 51 citations.

2002

  1. L. Kagal, F. Perich, A. Joshi, T. Finin, and J. Undercoffer, "A Security Architecture Based on Trust Management for Pervasive Computing Systems", InProceedings, Grace Hopper Celebration of Women in Computing, October 2002, 5863 downloads, 30 citations.
  2. F. Perich and C. Nicholas, "SHOMAR: An Open Architecture for Distributed Intrusion Detection Services", TechReport, University of Maryland, Baltimore County, September 2002, 5944 downloads.
  3. L. Kagal, J. Undercoffer, F. Perich, A. Joshi, Y. Yesha, and T. Finin, "Vigil: Providing Trust for Enhanced Security in Pervasive Systems", TechReport, University of Maryland, Baltimore County, August 2002, 5600 downloads, 11 citations.

2001

  1. A. Cedilnik, L. Kagal, F. Perich, and A. Joshi, "A Secure Infrastructure for Service Discovery and Access in Pervasive Computing", TechReport, University of Maryland, Baltimore County, August 2001, 4638 downloads.