INTEL GROUP MEETING
November 18, 1998
9:00 – 10:00
3085 ENG II
In attendance:
Jim Hoagland (JH), Karl Levitt (KL), Jeff Rowe (JR), Steven Templeton (ST)


Topics
Translating LaSCO to GrIDS
Ideas for DARPA 99-10 BAA
Correlation/Aggregation
Correcting Codes
Redundancy
Smart Cards
    1. JR: Are there any stupid LaSCO rulesets that we can translate into GrIDS right away?
      1. JH: Preconditions
      2. JR: There is an edge in GrIDS if you want to use it later, don’t want to aggregate.
    2. KL: DARPA 99-10 BAA: Is Jeff interested in participating? Calvin is doing IDS, Nick is doing one on his own for routers, Michael & Prem are doing policy.
      1. JR: Correlation – nothing in Global Guard on correlation. Aggregation – routing, discovery coordinator, flooding algorithm, tables shared
      2. ST: Communication to people who want to receive the message. In CIDF you subscribe. Add more specifics to Stuart’s BDI.
      3. ST: Channel coding – network to produce turbo code – considerably better. Add redundant bits; recursive network
        1. Parallel to type of communication at a higher level; need type of redundancy available
      4. KL: Notion of correcting codes
        1. ST: Expert system – rule assumed correct; interaction of rules complex. Facts – rules static/correct
        2. Have to deal with noise, missing data in rules
        3. Generating rules from data – rules that dealt with unknowns
        4. Rough set – rules vote – overwhelmed by correct rules/votes
        5. KL: Works in compromise system; formal view. Yemini uses binary; have to have data, redundancy to check tolerance. Detect level of error can be tolerated.
      5. KL: Look at redundancy; write rules to handle missing or compromised data
        1. JR: Data from many sources
        2. ST: Sensor fusion – combination of information from multiple sensors to reduce data error
        3. JH: Data fusion – make sure you’re talking about same entity
      6. KL: New idea – build on BDI or redundancy – think one year ahead
      7. JR: With Chris Wee – game theory to set aggregate less benefit to being selfish
      8. KL: Local Policy – see aggregate change to rules
      9. KL: Demonstrations only for proposal
      10. ST: IDS – detectors – sum of policy; Bottom-up design – discover what policy is being implemented; matches policy at top.
      11. JR: Build around Prem’s Smart Cards
        1. KL: Smart card controls one process – can’t kill process from the outside without physically removing the card.
        2. JR: Someone will know if you tamper with a smart card
        3. ST: Smart Card is different from the system; another level above root – trusted root