Finished Projects
Adaptive Network Defense
Firewalls
Intruder Tracing
TIS's Applied Research and Security Engineering Group and U.C. Davis are
supporting Boeing's Defense and Space Group on a series of DARPA
contracts researching and developing an Intruder Tracing technology. The
Dynamic, Cooperating Boundary Controllers program developed a new
capability that enables networks to cooperatively detect system attacks,
learn about the attack behavior, and dynamically reconfigure to protect
the greater network infrastructure. The three-organization team
developed a new protocol, the Intruder Detection and Isolation Protocol
(IDIP), and integrated IDIP into a set of network security systems:
Boeing's Secure Network Server filtering router, TIS's Internet Firewall
Toolkit (FWTK) with DTE enhancements, and U.C. Davis' Master Intrusion
Detection System. The systems cooperatively locate intruders by
notifying one another of, tracing, and responding to known network
intrusion patterns in a large inter-networked system. They locate,
isolate, and block the intruder close to the point of attack, and
provide diagnostic information so that network administrators can
further investigate the intrusion. This program has recently been
completed, and work on two follow-on contracts has begun. One will make
the components more flexible and adaptable in how they respond to
intrusions. The other will integrate these capabilities into COTS
products, such as the Gauntlet Firewall.
Multimedia Protocols
The Real Time Streaming Protocol (RTSP) is an Internet Engineering Task
Force (IETF) proposed protocol for controlling streaming multimedia over
the Internet. TIS's Applied Research and Security Engineering Group has
been working with RealNetworks, one of the primary authors of the RTSP
specification, to develop a reference implementation of an RTSP firewall
proxy. The RTSP proxy allows FWTK-based firewalls to pass restricted,
unidirectional (server-to-client) media streams to authorized RTSP
clients inside the security perimeter, opening only the UDP ports that
the RTSP control exchange actually negotiated.
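The core decision such a proxy has to make is illustrated below. This is an added example written for this page, not code from TIS's RTSP proxy or from RealNetworks: it watches one RTSP SETUP request and the server's 200 OK reply, parses the RFC 2326 Transport header, and derives a single inbound-only UDP pinhole (server ports to client ports) for an authorized inside client. The allowlist, host addresses and the two sample messages are constructed for the example; the checks that reject mode=RECORD, multicast transports, a destination other than the requesting client, and server-chosen client ports the client never asked for are the author's assumptions about what a restrictive proxy should enforce, not a description of the TIS implementation.

```python
"""Pinhole derivation for an RTSP firewall proxy (illustrative, not TIS's code)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed allowlist of inside hosts permitted to pull RTSP streams (assumption).
AUTHORIZED_CLIENTS = {"10.0.0.5"}

# Constructed SETUP exchange; port values follow the RFC 2326 examples.
SAMPLE_REQUEST = (
    "SETUP rtsp://media.example.com/twister/audio RTSP/1.0\r\n"
    "CSeq: 2\r\n"
    "Transport: RTP/AVP;unicast;client_port=4588-4589\r\n\r\n"
)
SAMPLE_RESPONSE = (
    "RTSP/1.0 200 OK\r\n"
    "CSeq: 2\r\n"
    "Session: 12345678\r\n"
    "Transport: RTP/AVP;unicast;client_port=4588-4589;server_port=6256-6257\r\n\r\n"
)


@dataclass(frozen=True)
class Pinhole:
    """One inbound-only UDP permit: server port range -> client port range."""
    proto: str
    src_ip: str
    src_ports: Tuple[int, int]
    dst_ip: str
    dst_ports: Tuple[int, int]


def parse_headers(msg: str) -> Dict[str, str]:
    """Return the header fields of one RTSP message with lower-cased names."""
    headers: Dict[str, str] = {}
    for line in msg.split("\r\n")[1:]:      # skip the request/status line
        if not line:                         # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers


def parse_transport(value: str) -> List[Dict[str, str]]:
    """Split an RFC 2326 Transport value into one dict per transport-spec."""
    specs = []
    for spec in value.split(","):
        parts = [p.strip() for p in spec.split(";") if p.strip()]
        if not parts:
            continue
        params = {"transport": parts[0].upper()}
        for p in parts[1:]:
            key, _, val = p.partition("=")
            params[key.lower()] = val.strip('"')   # mode="PLAY" is quoted in RTSP
        specs.append(params)
    return specs


def port_range(text: str) -> Tuple[int, int]:
    """'4588-4589' -> (4588, 4589); a single port (RTP without RTCP) is allowed."""
    lo, _, hi = text.partition("-")
    lo_i, hi_i = int(lo), (int(hi) if hi else int(lo))
    if not 0 < lo_i <= hi_i < 65536:
        raise ValueError("port out of range")
    return lo_i, hi_i


def pinhole_for_setup(client_ip: str, server_ip: str,
                      request: str, response: str) -> Optional[Pinhole]:
    """Return the pinhole to open for this SETUP exchange, or None to open nothing."""
    if client_ip not in AUTHORIZED_CLIENTS:
        return None
    if not request.split("\r\n", 1)[0].startswith("SETUP "):
        return None
    if not response.split("\r\n", 1)[0].startswith("RTSP/1.0 200"):
        return None
    req_specs = parse_transport(parse_headers(request).get("transport", ""))
    resp_headers = parse_headers(response)
    if "transport" not in resp_headers:
        return None
    t = parse_transport(resp_headers["transport"])[0]   # server replies with one spec
    if not t["transport"].startswith("RTP/AVP"):
        return None
    if "unicast" not in t or "multicast" in t:          # unicast streams only
        return None
    if t.get("mode", "PLAY").upper() != "PLAY":          # RECORD means client-to-server media
        return None
    if t.get("destination", client_ip) != client_ip:     # never redirect to a third host
        return None
    if "client_port" not in t or "server_port" not in t:
        return None
    # The server may only send to ports the inside client itself offered.
    if not any(s.get("client_port") == t["client_port"] for s in req_specs):
        return None
    try:
        cports = port_range(t["client_port"])
        sports = port_range(t["server_port"])
    except ValueError:
        return None
    return Pinhole("udp", server_ip, sports, client_ip, cports)


if __name__ == "__main__":
    print(pinhole_for_setup("10.0.0.5", "192.0.2.10", SAMPLE_REQUEST, SAMPLE_RESPONSE))
```

The pinhole is deliberately one-directional: the RTP and RTCP datagrams the server sends are admitted to exactly the client ports negotiated, and nothing is opened for traffic originating outside beyond that. The client's own outbound RTCP receiver reports use the firewall's ordinary outbound policy. A real proxy would also tear the pinhole down on TEARDOWN or session timeout, which this snippet does not track.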
The MBone (Multicast Backbone) is one of the earliest and best-known technologies for multimedia conferencing over the Internet. Under DARPA funding, TIS's Applied Research and Security Engineering Group developed an approach that allows FWTK-based firewalls to pass restricted, bi-directional MBone traffic, while reducing the risk that inbound multicast datagrams can be used to attack hosts inside the firewall-enforced security perimeter. The MBone proxy software has been made publicly available on the TIS FTP site.
