This Small Business Innovation Research Phase I project is directed toward fulfilling the need of business and Government organizations to more effectively monitor and protect their electronic networks. Network security devices (NSDs) such as antivirus, intrusion detection/prevention, spam/phishing filtering, and bandwidth anomaly detection systems have become an integral part of our networks, as they provide invaluable services in maintaining data integrity and confidentiality while protecting the availability of our computing resources. This research aims to significantly increase the timeliness, accuracy and cost-effectiveness of NSDs in combating fast-changing and ever more sophisticated network security attacks. If successful, this effort will provide an effective subscription service to update the security policies based on global information, and MetaFlows will increase the usability of NSDs by reducing false positives. This will have the effect of improving network security and cost-effectiveness as a whole.
The programming and maintenance of NSDs are today a significant obstacle to their wider adoption. The most common and significant complaints are (1) too many false positive events (events that should not be generated) and (2) the tremendous expertise required in the management of these devices. These obstacles limit NSDs' adoption by many smaller companies that cannot afford to hire network security experts. This research effort will improve the manageability, accuracy and return on investment of many existing NSDs. Future extensions of this technology will generalize this subscription-based approach to all other types of NSDs. Besides improving the objective security of networks, these services and their future extensions will also promote a wider adoption of network security products.