June 22, 1999
3085 ENG II

In attendance:
Jeff Rowe (JR), Jason Schatz (JS), David Klotz (DK), Karl Levitt (KL)

  1. Personnel Issues
    1. Tiejun Li will likely work on the NSA project with Chris
    2. Anomaly detection subcontract with Roy Maxion and CMU - Steven Templeton might prefer to work on it.
    3. New Boeing - Trust Management
  2. Boeing Issues
    1. Add response and cost strategies
    2. David Klotz could do the implementation; Steven Cheung could formalize it.
    3. "Focused Anomaly Detection" - Richard Littman suggests incorporating Calvin's specification work
      1. specification - what you expect to happen - model normal expected behavior
      2. signatures - matches the attack
      3. Data Issues
        1. Monitor as much data as you can handle without allowing the IDS to trigger a DOS.
        2. Write specifications at different levels.
        3. Synchronization specifications - 2 system administrators try to change a password at the same time.