About MIT TLO     MIT Community     For Industry     Resources  
 
 
 

Lincoln Laboratory Computer Security Technology

Below is a partial list of computer security software technology, developed at MIT's Lincoln Laboratory, available for licensing, with links to brief descriptions. Contact the corresponding Licensing Officer for more information.


IREP++

MIT Case No. 10010L, US Patent Pending
Inventors:
Robert K. Cunningham and Oliver Dain

Abstract:

IREP++ is a machine learning algorithm that produces a set of human readable rules from a set of training data. IREP++ is based on two existing algorithms, IREP and RIPPER, but is significantly faster with no loss of accuracy. Lucent Technologies, Inc. holds US Patent No. 5,719,692 on portions of the RIPPER algorithim, but IREP++ does not make use of any of the patented portions of the algorithm. IREP++ is faster because it has a new and more effective rule-pruning metric, a simpler criterion for stopping learning, novel data structures for reducing sorting, and a more efficient technique for handling categorical features

Contact Information:
Dave Sossen
Technology Licensing Officer
(617) 253-6966
dsossen@mit.edu


Stellar

MIT Case No. 10011L
Inventors:
Stephen Boyer, Robert K. Cunningham and Oliver Dain

Abstract:

Stellar is a system for combining the alerts from several heterogeneous intrusion detection systems into scenarios in real time. The system assigns an evolving security risk assessment to the constructed scenarios. Stellar learns to build scenarios from a human analyst so that its decisions emulate those of a trained security professional. The system is able to apply a set of rules to the constructed scenarios to assess the security risk of the actions in the scenario. Stellar includes a graphical user interface to help the analyst train and monitor the system.

Contact Information:
Danny Dardani
Technology Licensing Officer
(617) 253-6966
ddardani@mit.edu


NetSPA: A Network Security Planning Architecture

MIT Case No. 10362L
Inventors:
Michael L. Artz, Kyle W. Ingols, Kendra Kratkiewicz, Richard P. Lippmann and Chris Scott

Abstract:

Attack graphs are a valuable tool to network defenders that illustrate paths an attacker can use to gain access to a targeted network. Defenders can then focus their efforts on patching the vulnerabilities and configuration errors that allow the attackers the greatest amount of access. We have created a new, proprietary type of attack graph, the multiple-prerequisite graph, that scales nearly linearly as the size of a typical network increases. We have built a prototype system using this graph type. The prototype uses readily available source data to automatically compute network reachability, classify vulnerabilities, build the graph, and recommend actions to improve network security. We have tested the prototype on an operational network with over 250 hosts, where it helped to discover a previously unknown configuration error. It can evaluate large, enterprise networks using commodity hardware in seconds, and has processed complex simulated networks with over 50,000 hosts in under four minutes. This technology is patent pending.

Contact Information:
Dan Dardani
Technology Licensing Officer
(617) 253-6966
ddardani@mit.edu