Many organizations use intrusion detection systems (IDSs) to protect themselves against threats such as viruses and attacks. We are developing new self-securing devices (e.g., self-securing storage and NIC-based firewalls), to provide increased security by creating separate, smaller security domains. However, this distribution of security raises significant administrative challenges.
In this project, we are developing Castellan, a software tool for managing distributed intrusion detection systems. Castellan will support network administrators in:
We are currently in the design stages of Castellan and are talking
with network administrators about their needs for managing distributed
intrusion detection. A sketch of the Castellan interface
follows.
FACULTY
STUDENTS
Ernest Chan
We thank the members and companies of the PDL Consortium: Amazon, Bloomberg, Datadog, Google, Honda, Intel Corporation, IBM, Jane Street, LayerZero, Meta, Microsoft Research, Oracle Corporation, Oracle Cloud Infrastructure, Pure Storage, Salesforce, Samsung Semiconductor Inc., Two Sigma, and Western Digital for their interest, insights, feedback, and support.