June 22, 1999
3085 ENG II
Jeff Rowe (JR), Jason Schatz (JS), David Klotz (DK), Karl Levitt (KL)
- Personnel Issues
- Tiejun Li will likely work on the NSA project with Chris
- Anomaly detection subcontract with Roy Maxion and CMU - Steven Templeton might prefer to work on it.
- New Boeing - Trust Management
- Boeing Issues
- Add response and cost strategies
- David Klotz could do the implementation; Steven Cheung could formalize it.
- "Focused Anomaly Detection" - Richard Littman suggests incorporating Calvin's specification work
- specification - what you expect to happen - model normal expected behavior
- signatures - matches the attack
- Data Issues
- Monitor as much data as you can handle without allowing the IDS to trigger a DOS.
- Write specifications at different levels.
- Synchronization specifications - 2 system administrators try to change a password at the same time.