SNAIR is a network laboratory composed of 30+ PCs.
Within SNAIR are 10 to 15 subnetworks, routers
and switches. The file server used in SNAIR
has over 1/2 a TB (terabyte) of physical hard drive
space. Additionally, there is a set of Sun
Microsystems rack-mount servers used within
the laboratory.
The facilities allow researchers and students
to generate test and training data for attribution
systems, instead of just using data sets on
networks, to eliminate privacy problems. Since
the network is a closed network, SNAIR protects
the campus and the World Wide Web by firewalling
itself from the outside.
The expected users of the lab are security
graduate students as well as some undergraduate
researchers who are currently using SNAIR
to research selected topics from the projects
listed below. The researchers work in isolated
offices near the lab, where they are allowed
to access the lab and utilize its equipment.
SNAIR will be used to create a new course
(CPRE 431) that will focus on information
security systems for an undergraduate curriculum.
The lab will be incorporated into this course
by collecting data sets that will be replayed
for the students to use in projects and assignments,
ultimately promoting real-world experience
in the classroom.
Purpose: Attack Attribution
PI: Dr. Daniels
Goals:
- Education - Expand the lab for educational
purposes, primarily for the class "Computer
and Network Forensics" (Course
536x).
- Research Projects - Use the attack
attribution for other projects in which
a test of a series of attacks would
be necessary.
Purpose: DILON is a
project that incorporates intrusion detection
at the first layer, or the physical layer,
of the Internet. DILON is a joint venture
in cooperation with HSSE (High Speed Systems
Engineering).
Network Topology for
Attribution:
Multi-level Consistency-based Intrusion
Detection