Computational and Information Sciences Directorate Research Areas

Monitoring, Metrics, and Performance Analysis for Intrusion Detection Networks


Advisor:
Cam, Hasan (301-394-2871, hasan.cam.civ@mail.mil)
Adelphi, Maryland

Key words: Monitoring wired and wireless networks, Intrusion detection systems, Identifying metrics, Performance analysis, Data fusion, Sensors, Network theory and modeling, Secure aggregation

Challenging research opportunities exist in continuous monitoring, identifying metrics, developing models, and analyzing performance for intrusion detection systems and networks. Specific opportunities exist in the following areas: (i) identifying metrics and continuous monitoring techniques for assessing cyber vulnerability and the degree of adversarial activity over wired and wireless networks with distributed intrusion detection sensors; (ii) developing experimentally validated models and computing performance by analyzing, simulating, and/or emulating network traffic, intrusions, and false positives and negatives; (iii) data fusion, filtering, and secure aggregation in networks with intrusion detection sensors and possibly mobile nodes; and (iv) validation methods for intrusion detection models, systems, and tools.