Many organizations use intrusion detection systems (IDSs) to protect themselves against threats such as viruses and attacks. We are developing new self-securing devices (e.g., self-securing storage and NIC-based firewalls), to provide increased security by creating separate, smaller security domains. However, this distribution of security raises significant administrative challenges.
In this project, we are developing Castellan, a software tool for managing distributed intrusion detection systems. Castellan will support network administrators in:
We are currently in the design stages of Castellan and are talking
with network administrators about their needs for managing distributed
intrusion detection. A sketch of the Castellan interface
follows.
FACULTY
STUDENTS
Ernest Chan
We thank the members and companies of the PDL Consortium: Amazon, Bloomberg, Datadog, Google, Honda, Intel Corporation, IBM, Jane Street, Meta, Microsoft Research, Oracle Corporation, Pure Storage, Salesforce, Samsung Semiconductor Inc., Two Sigma, and Western Digital for their interest, insights, feedback, and support.