Institute for Security Technology Studies (ISTS)
      
Cyber and Homeland Security Research & Development


Project Archives
The Kerf Toolkit for Intrusion Analysis
Project Summary: Our objective is to provide administrators with new methods for the analysis of an attack on their computer system.  Numerous intrusion-detection tools exist; our focus is on intrusion analysis, specifically, tools that help administrators to examine large amounts of host and network log data.  The Kerf tools will fit into the unexplored territory between current approaches that search log data without providing much context and those that report summary statistics about records within the logs.

The project has produced a number of novel prototype tools for different stages of log analysis, both for system administration and forensic purposes.  These tools apply machine learning and data organization techniques to automate a variety of log analysis tasks, which should save administrators and forensic analysts considerable amounts of manual effort.  New approaches to browsing logs were developed, which we hope will be adopted by the state-of-the-art commercial and free tools.

Project Leads:

Sergey Bratus
David Kotz
Daniela Rus (MIT)
Javed Aslam (Northeastern University)


Copyright © 2003-2007 Trustees of Dartmouth College