"Network Radar: Surveillance and Tracking in Computer Networks"

Period of Performance: 09/03/1997 - 09/03/1999

$496K

Phase 2 STTR

Recipient Firm

NET Squared, Inc.
4324 Vista Way
Davis, CA 95616
Principal Investigator
Firm POC

Research Institution

University of California, Davis
2064 Kemper Hall One Shields Avenue
Davis, CA 95616
Institution POC

Research Topics

Abstract

This proposal addresses several fundamental gaps in network security. First, the complexity of today's networks, users' ability to install their own software, and undocumented software features conspire to prevent security administrators from knowing what is actually happening on their networks. Second, by simply placing network servers at unusual ports, attackers can easily circumvent the security provided by filtering firewalls and network security monitors such as ASIM and NID. And third, by hopping through multiple hosts, attackers can easily frustrate a security administrator's attempt to track down the source of the attack.We shall develop an integrated suite of network monitoring tools which will address these as well as other gaps in network security. These tools, collectively called Network Radar, will work in concert to provide a comprehensive monitoring capability, and this capability will allow security administrators to establish and maintain control over and integrity within their networks.