Lincoln Laboratory Computer Security Technology
Below is a partial list of computer security software technology, developed at MIT's Lincoln Laboratory, available for licensing, with links to brief descriptions.
Contact the corresponding Licensing Officer for more information.
IREP++
MIT Case No. 10010L, US Patent Pending
Inventors:
Robert K. Cunningham and Oliver Dain
Abstract:
IREP++ is a machine learning algorithm that produces a set of human-readable rules from a set of training data. IREP++ is based on two existing algorithms, IREP and RIPPER, but is significantly faster with no loss of accuracy. Lucent Technologies, Inc. holds US Patent No. 5,719,692 on portions of the RIPPER algorithm, but IREP++ does not make use of any of the patented portions of the algorithm. IREP++ is faster because it has a new and more effective rule-pruning metric, a simpler criterion for stopping learning, novel data structures for reducing sorting, and a more efficient technique for handling categorical features.
Contact Information:
Dave Sossen
Technology Licensing Officer
(617) 253-6966
dsossen@mit.edu
Stellar
MIT Case No. 10011L
Inventors:
Stephen Boyer, Robert K. Cunningham and Oliver Dain
Abstract:
Stellar is a system for combining the alerts from several
heterogeneous intrusion detection systems into scenarios in
real time. The system assigns an evolving security risk assessment
to the constructed scenarios. Stellar learns to build scenarios
from a human analyst so that its decisions emulate those of
a trained security professional. The system is able to apply
a set of rules to the constructed scenarios to assess the security
risk of the actions in the scenario. Stellar includes a graphical
user interface to help the analyst train and monitor the system.
Contact Information:
Danny Dardani
Technology Licensing Officer
(617) 253-6966
ddardani@mit.edu
NetSPA: A Network Security Planning Architecture
MIT Case No. 10362L
Inventors:
Michael L. Artz, Kyle W. Ingols, Kendra Kratkiewicz, Richard P. Lippmann and Chris Scott
Abstract:
Attack graphs are a valuable tool for network defenders: they illustrate
the paths an attacker can use to gain access to a targeted network.
Defenders can then focus their efforts on patching the vulnerabilities
and configuration errors that allow the attackers the greatest amount
of access. We have created a new, proprietary type of attack graph, the
multiple-prerequisite graph, that scales nearly linearly as the size of
a typical network increases. We have built a prototype system using this
graph type. The prototype uses readily available source data to automatically
compute network reachability, classify vulnerabilities, build the graph, and
recommend actions to improve network security. We have tested the prototype on
an operational network with over 250 hosts, where it helped to discover a
previously unknown configuration error. It can evaluate large enterprise
networks using commodity hardware in seconds, and has processed complex
simulated networks with over 50,000 hosts in under four minutes. This
technology is patent pending.
Contact Information:
Dan Dardani
Technology Licensing Officer
(617) 253-6966
ddardani@mit.edu