Find us on
 |
 |
 |
Upcoming Events
 |
My Computer Ate My Data, Changed My Students' Grades and Stole My Money |
Past Programs
 |
Real-Time Crowd Support for People with Disabilities |
 |
Cyber Operations and National Security |
 |
CISO vs. Adversary |
 |
Adventures in SCADA |
Newsletter - Summer/Fall 2010
Our objective is to provide administrators with new methods for the analysis of an attack on their computer system. Numerous intrusion-detection tools exist; our focus is on intrusion analysis, specifically, tools that help administrators to examine large amounts of host and net-work log data. The Kerf tools will fit into the unexplored territory between current approaches that search log data without providing much context and those that report summary statistics about records within the logs.
The project has produced a number of novel prototype tools for different stages of log analysis, both for system administration and forensic purposes. These tools apply machine learning and data organization techniques to automating a variety of log analysis tasks, which should save administrators and forensic analysis considerable amounts of manual effort. New approaches to browsing logs were developed, which we hope will be adopted by the state-of-the-art commercial and free tools.
