Accession Number:

ADA592893

Title:

Extremely Lightweight Intrusion Detection (ELIDe)

Descriptive Note:

Technical rept. Mar-Jul 2013

Corporate Author:

ARMY RESEARCH LAB ADELPHI MD COMPUTATIONAL AND INFORMATION SCIENCES DIRECTORATE

Report Date:

2013-12-01

Pagination or Media Count:

25.0

Abstract:

The need to provide network protection and monitoring extends beyond defending conventional wired computing infrastructures to mobile ad-hoc networks. This need motivates the research and development of network defense methodologies and technologies that are applicable in a tactical environment in which resources are constrained and topologies are dynamic. The project documented by this technical report makes the contribution of prototyping a packet analysis tool named Extremely Lightweight Intrusion Detection (ELIDe) with the capability to approximate Snort-like signature matching against the inbound and outbound network traffic of a single host, while requiring less than 2% of the peak memory footprint demanded by Snort. This economy of resources makes ELIDe suitable for operation in a constrained environment, such as a tactical network that cannot support a more conventional solution like Snort.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE