Accession Number:

ADA426398

Title:

Formal Methods for Information Protection Technology Task 1: Formal Grammar-Based Approach and Tool for Simulation Attacks against Computer Network Part II

Descriptive Note:

Final rept. 1 Dec 2000-19 Feb 2004

Corporate Author:

RUSSIAN ACADEMY OF SCIENCES SAINT PETERSBURG INST OF INFORMATION SCIENCE AND AUTOMATION

Personal Author(s):

Report Date:

2004-02-19

Pagination or Media Count:

110.0

Abstract:

This report results from a contract tasking St. Petersburg Institute For Informatics Automation of the Russian Academy of Sciences as follows Formal Methods for Information Protection Technology The use of open computer networks as an environment for exchange of information across the globe in distributed applications requires improved security measures on the network, in particular, to information resources used in applications. Integrity, confidentiality and availability of the network resources must be assured. To detect and suppress different types of computer unauthorized intrusions, modern network security systems NSS must be armed with various protection means and be able to accumulate experience in order to increase its ability to front against known types of intrusions, and to learn new types of intrusions. The project will perform three main tasks. 1. Develop a mathematical model and a tool that simulates various coordinated intrusion scenarios against computer networks 2. Develop the mathematical foundations, architecture, and principles of implementation of autonomous-software-tool technology implementing the learning system for intrusion detection 3. Develop the fundamentals, architecture and software for the computer security system based on multi-level encoding for information protection in mass application. Currently, scientific efforts in network security area are undertaken mainly in the development of the network defense mechanisms. Unfortunately, substantially less attention is paid to the study of the nature of intrusions and, in particular, remote distributed intrusion attempts. No appropriate tools for intrusionattack simulation nor research on a formal framework for intrusion specification exists.

Subject Categories:

  • Information Science
  • Computer Systems
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE