Intrusion Detection

May 1, 2002 - August 1, 2004

Our vision of an intrusion detection system is one where the "system" encompasses the entire enterprise and where intrusion detection is a distributed and collaborative process involving the entities within the enterprise. We view an entity as any computational device to include computers, servers, switches, and routers and where intrusion detectors are comprised of both anomaly and signature detectors that communicate with each other. We have initiated work toward realizing our vision and have achieved positive results by using a two-stage process for host based anomaly detection.

We conduct IDS related research in wired, moble-adhoc, wireless, and sensor network environments.

intrusion detection, ontology, semantic web

OWL Tweet

Students

  1. Jim Parker

Faculty

  1. John Pinkston

Refereed Publications

2004

  1. J. Undercofer, A. Joshi, T. Finin, and J. Pinkston, "Using DAML+ OIL to classify intrusive behaviours", Article, Knowledge Engineering Review, January 2004, 559 downloads, 3 citations.

2003

  1. J. Undercofer and A. Joshi, "Data Mining, Semantics and Intrusion Detection: What to dig for and Where to find it", InBook, Next Generation Data Mining, December 2003, 2 citations.
  2. S. Avancha, A. Joshi, and J. Pinkston, "Secure Sensor Networks for Perimeter Protection", Article, Computer Networks, November 2003, 2753 downloads, 30 citations.
  3. F. Perich, A. Cedilnik, L. Kagal, and A. Joshi, "A Secure Infrastructure for Service Discovery and Access in Pervasive Computing", Article, ACM Monet: Special Issue on Security in Mobile Computing Environments, October 2003, 3696 downloads, 44 citations.
  4. J. Undercofer, A. Joshi, T. Finin, and J. Pinkston, "A Target-Centric Ontology for Intrusion Detection", InProceedings, Workshop on Ontologies in Distributed Systems, held at The 18th International Joint Conference on Artificial Intelligence, July 2003, 881 downloads, 50 citations.
  5. J. Pinkston, "Hidden Processes: The Implication for Intrusion Detection", InProceedings, Proceedings of the IEEE International Workshop on Information Assurance, May 2003, 24 citations.
  6. A. Joshi, "On Web, Semantics, and Data Mining: Intrusion Detection as a Case Study", InProceedings, Proceedings of the NSF Workshop on Next Generation Data Mining, May 2003, 2616 downloads, 4 citations.
  7. A. Joshi and H. Shah, "Fuzzy Clustering for Intrusion Detection", InProceedings, Proceedings of the 12th IEEE International Conference on Fuzzy Systems, April 2003, 51 citations.

2002

  1. L. Kagal, F. Perich, A. Joshi, and T. Finin, "A Security Architecture Based on Trust Management for Pervasive Computing Systems", InProceedings, Grace Hopper Celebration of Women in Computing, October 2002, 5006 downloads, 30 citations.

Non-Refereed Publications

2002

  1. J. Undercofer, F. Perich, and C. Nicholas, "SHOMAR: An Open Architecture for Distributed Intrusion Detection Services", TechReport, University of Maryland, Baltimore County, September 2002, 5028 downloads.
  2. L. Kagal, F. Perich, A. Joshi, and Y. Yesha, "Vigil: Providing Trust for Enhanced Security in Pervasive Systems", TechReport, University of Maryland, Baltimore County, August 2002, 4788 downloads, 11 citations.

2001

  1. A. Cedilnik, L. Kagal, F. Perich, and A. Joshi, "A Secure Infrastructure for Service Discovery and Access in Pervasive Computing", TechReport, University of Maryland, Baltimore County, August 2001, 3914 downloads.