Expert Intrusion Detection System

Description

Network intrusion detection and prevention is an important component of corporate IT security infrastructures. Current IDS offerings have numerous shortcomings including abundant false positives, overwhelming amounts of data, and insufficient analysis and correlation.

Matzner's system is a real-time, network-based Intrusion Detection System (IDS) that uses third-party sensing devices to generate the data and then filters, correlates, prioritizes, and summarizes attack information. The invention is a rule-based expert system using state-of-the-art technology explicitly designed for information protection and real-time detection of intrusive behavior or malicious activity on computer systems. The system combines domain knowledge from human experts with machine learning algorithms to provide a system analyst with a comprehensive and accurate account of network status.

The invention filters the real threats from a large volume of potentially abusive and exploitative events that occur in computer networks and in individual computers. It can be used to detect intrusive activity on a network as it is occurring, and also as a tool for post-analysis of damage that may have occurred on the network or on the host computer.


Benefits

  • Reduced attacks
  • Manageability
  • Constant performance improvement
  • Short install time and simple training

Features

  • Superior threat identification
  • Forensic analysis
  • Third-party sensor diagnostic
  • Machine learning algorithms
  • Simple GUI

Market Potential/Applications

The IDS market is currently about one billion dollars.


For further information please contact

University of Texas,
Austin, USA
Website: www.otc.utexas.edu