Publications

Refine Results

(Filters Applied) Clear All

Evaluating intrusion detection systems without attacking your friends: The 1998 DARPA intrusion detection evaluation

Summary

Intrusion detection systems monitor the use of computers and the network over which they communicate, searching for unauthorized use, anomalous behavior, and attempts to deny users, machines or portions of the network access to services. Potential users of such systems need information that is rarely found in marketing literature, including how well a given system finds intruders and how much work is required to use and maintain that system in a fully functioning network with significant daily traffic. Researchers and developers can specify which prototypical attacks can be found by their systems, but without access to the normal traffic generated by day-to-day work, they can not describe how well their systems detect real attacks while passing background traffic and avoiding false alarms. This information is critical: every declared intrusion requires time to review, regardless of whether it is a correct detection for which a real intrusion occurred, or whether it is merely a false alarm. To meet the needs of researchers, developers and ultimately system administrators we have developed the first objective, repeatable, and realistic measurement of intrusion detection system performance. Network traffic on an Air Force base was measured, characterized and subsequently simulated on an isolated network on which a few computers were used to simulate thousands of different Unix systems and hundreds of different users during periods of normal network traffic. Simulated attackers mapped the network, issued denial of service attacks, illegally gained access to systems, and obtained super-user privileges. Attack types ranged from old, well-known attacks, to new, stealthy attacks. Seven weeks of training data and two weeks of testing data were generated, filling more than 30 CD-ROMs. Methods and results from the 1998 DARPA intrusion detection evaluation will be highlighted, and preliminary plans for the 1999 evaluation will be presented.
READ LESS

Summary

Intrusion detection systems monitor the use of computers and the network over which they communicate, searching for unauthorized use, anomalous behavior, and attempts to deny users, machines or portions of the network access to services. Potential users of such systems need information that is rarely found in marketing literature, including...

READ MORE

Runway status light system demonstration at Logan Airport

Summary

The Runway Status Light System (RSLS), developed under the FAA's Airport Surface Traffic Automation (ASTA) program, is intended to help reduce the incidence of runway incursions and airport surface accidents. It will do so by providing a preventive, back-up system of automatically controlled lights on the airport surface that inform pilots when runways are unsafe for entry or takeoff, and by providing controllers with enhanced surface radar displays. This report documents a proof-of-concept evaluation of the RSLS at Boston's Logan Airport. It details the methods used to provide the necessary surface surveillance and safety logic to allow a computer to operate the runway status lights and associated controller displays without human assistance. The system was installed and tested off-line at Boston's Logan Airport using an inexpensive commercial marine radar as a primary surveillance source. The system operated live and in real time but the runway status lights were not physically installed. They were displayed on a scale model of Logan Airport located in a demonstration room that had a good view of the airport. This allowed visual comparison between the actual aircraft and the resulting lights and displays. In addition to providing a convincing demonstration of the system, real-timing viewing of the aircraft movement was an important aid in the development of the surveillance processing and safety logic software. Surveillance performance and runway status light operational performance were evaluated quantitatively. The probability of tracking an aircraft in movement areas with line-of-sight coverage was better than 98%. The false track rate was about four per hour, and the surveillance jitter was about 1 meter rms. From an operational point of view, had there been real lights on the field, it appears that they would have provided the intended safety back-up with little impact on airport capacity or controller and pilot workload, Only once in 15 minutes would the pilot population have observed a light in an incorrect state for more than four seconds. From the point of view of a specific cockpit crew, only once in 36 operations would a runway status light have been seen in an incorrect state for more than four seconds, and, furthermore, only once in 50 operations would light illuminations have interfered with normal, safe traffic flow. These are encouraging results for a system in an early demonstration phase because significant improvement is possible in all of these performance measures. Specific suggestions for improvement are included in this document.
READ LESS

Summary

The Runway Status Light System (RSLS), developed under the FAA's Airport Surface Traffic Automation (ASTA) program, is intended to help reduce the incidence of runway incursions and airport surface accidents. It will do so by providing a preventive, back-up system of automatically controlled lights on the airport surface that inform...

READ MORE

Connected components and temporal association in airport surface radar tracking

Published in:
SPIE, Vol. 2220, Sensing, Imaging, and Vision for Control and Guidance of Aerospace Vehicles, 4-5 April 1994, pp. 357-379.

Summary

MIT Lincoln Laboratory, under sponsorship of the FAA, has installed a modified Raytheon pathfinder x-band marine radar at Logan Airport in Boston, Mass. and has developed a real- time surveillance system based on the pathfinder's digitized output. The surveillance system provides input to a safety logic system that will ultimately activate a set of runway status lights. This paper describes the portion of the surveillance system following the initial clutter- rejecting preprocessing, described elsewhere. The overall mechanism can be simply described as a temporal constant false alarm rate front end followed by binary morphological operations including connected components feeding a scan-to-scan tracker. However, a number of refinements have been added leading to a system which is close to being fieldable. Both the special difficulties and the current solutions are examined. The radar hardware as well as the computational environment are discussed. An overview of the clutter rejection preprocessing is given, as well as physical and processing related challenges associated with the data. Algorithmic description of the current system is presented and its real-time implementation outlined. Performance statistics and envisioned algorithmic improvements are presented.
READ LESS

Summary

MIT Lincoln Laboratory, under sponsorship of the FAA, has installed a modified Raytheon pathfinder x-band marine radar at Logan Airport in Boston, Mass. and has developed a real- time surveillance system based on the pathfinder's digitized output. The surveillance system provides input to a safety logic system that will ultimately...

READ MORE

Radar images of Logan Airport and application in automated aircraft tracking

Published in:
SPIE, Vol. 2220, Sensing, Imaging, and Vision for Control and Guidance of Aerospace Vehicles, 4-5 April 1994, pp. 316-327.

Summary

To enhance safety and expedite aircraft traffic control at airports, the Federal Aviation Administration (FAA) is in the process of developing automation aids for controllers and pilots. These automation improvements depend on reliable surveillance of the airport traffic, in the form of computerized target reports for all aircraft. One means of surveillance of the airport is primary radar. A short range radar of this type is called airport surface detection equipment or (ASDE). Lincoln Laboratory is participating in this development program by testing a system of surveillance and automation aids at Logan International Airport in Boston, Mass. This work is sponsored by the FAA. This paper describes the radar equipment being used for surface surveillance at Logan Airport and the characteristics of the radar images it produces. Techniques for automatic tracking of this radar data are also described along with a summary of the tracking performance that has been achieved. Two companion papers in this session relate to this same radar surveillance and provide more in-depth descriptions of the radar processing.
READ LESS

Summary

To enhance safety and expedite aircraft traffic control at airports, the Federal Aviation Administration (FAA) is in the process of developing automation aids for controllers and pilots. These automation improvements depend on reliable surveillance of the airport traffic, in the form of computerized target reports for all aircraft. One means...

READ MORE

Target detection using radar images of an airport surface

Published in:
SPIE, Vol. 2220, Sensing, Imaging, and Vision for Control and Guidance of Aerospace Vehicles, 4-5 April 1994, pp. 338-356.

Summary

Automation aids which increase the efficiency of the controller and enhance safety are being sought by the Federal Aviation Administration (FAA). This paper describes the target detection algorithms developed by the MIT Lincoln Laboratory as part of the airport surface traffic automation (ASTA) and runway surface safety light system (RSLS) programs sponsored by the FAA that were demonstrated at Logan International Airport in Boston, Mass. from September 1992 through December 1993. A companion paper to this conference describes the ASTA and RSLS system demonstration. Another companion paper describes the tracking algorithms. Real-time, parallel processing implementations of these surveillance algorithms are written in C++ on a Silicon Graphics Inc. Unix multiprocessor. The heavy reliance on commercial hardware, standard operating systems, object oriented design, and high-level computer languages allows a rapid transition from a research environment to a production environment.
READ LESS

Summary

Automation aids which increase the efficiency of the controller and enhance safety are being sought by the Federal Aviation Administration (FAA). This paper describes the target detection algorithms developed by the MIT Lincoln Laboratory as part of the airport surface traffic automation (ASTA) and runway surface safety light system (RSLS)...

READ MORE

Showing Results

1-5 of 5