May 1, 2002 - August 1, 2004
Our vision of an intrusion detection system is one where the "system" encompasses the entire enterprise and where intrusion detection is a distributed and collaborative process involving the entities within the enterprise. We view an entity as any computational device, including computers, servers, switches, and routers. Intrusion detectors comprise both anomaly and signature detectors that communicate with each other. We have initiated work toward realizing our vision and have achieved positive results by using a two-stage process for host-based anomaly detection.
We conduct IDS-related research in wired, mobile ad hoc, wireless, and sensor network environments.
- J. Undercofer, A. Joshi, T. Finin, and J. Pinkston, "Using DAML+ OIL to classify intrusive behaviours", Article, Knowledge Engineering Review, January 2004, 1144 downloads, 3 citations.
- J. Undercofer and A. Joshi, "Data Mining, Semantics and Intrusion Detection: What to dig for and Where to find it", InBook, Next Generation Data Mining, December 2003, 2 citations.
- S. Avancha, A. Joshi, and J. Pinkston, "Secure Sensor Networks for Perimeter Protection", Article, Computer Networks, November 2003, 3253 downloads, 30 citations.
- F. Perich, A. Cedilnik, L. Kagal, and A. Joshi, "A Secure Infrastructure for Service Discovery and Access in Pervasive Computing", Article, ACM Monet: Special Issue on Security in Mobile Computing Environments, October 2003, 4187 downloads, 44 citations.
- J. Undercofer, A. Joshi, T. Finin, and J. Pinkston, "A Target-Centric Ontology for Intrusion Detection", InProceedings, Workshop on Ontologies in Distributed Systems, held at The 18th International Joint Conference on Artificial Intelligence, July 2003, 1284 downloads, 50 citations.
- J. Pinkston, "Hidden Processes: The Implication for Intrusion Detection", InProceedings, Proceedings of the IEEE International Workshop on Information Assurance, May 2003, 24 citations.
- A. Joshi, "On Web, Semantics, and Data Mining: Intrusion Detection as a Case Study", InProceedings, Proceedings of the NSF Workshop on Next Generation Data Mining, May 2003, 3032 downloads, 4 citations.
- A. Joshi and H. Shah, "Fuzzy Clustering for Intrusion Detection", InProceedings, Proceedings of the 12th IEEE International Conference on Fuzzy Systems, April 2003, 51 citations.
- L. Kagal, F. Perich, A. Joshi, and T. Finin, "A Security Architecture Based on Trust Management for Pervasive Computing Systems", InProceedings, Grace Hopper Celebration of Women in Computing, October 2002, 5388 downloads, 30 citations.
- J. Undercofer, F. Perich, and C. Nicholas, "SHOMAR: An Open Architecture for Distributed Intrusion Detection Services", TechReport, University of Maryland, Baltimore County, September 2002, 5479 downloads.
- L. Kagal, F. Perich, A. Joshi, and Y. Yesha, "Vigil: Providing Trust for Enhanced Security in Pervasive Systems", TechReport, University of Maryland, Baltimore County, August 2002, 5150 downloads, 11 citations.
- A. Cedilnik, L. Kagal, F. Perich, and A. Joshi, "A Secure Infrastructure for Service Discovery and Access in Pervasive Computing", TechReport, University of Maryland, Baltimore County, August 2001, 4215 downloads.