ISAI and DShield.org Join Forces To Create First Distributed Intrusion Detection System for Academic Institutions
New York (PRWEB) October 15, 2005 — The Information Security in Academic Institutions (ISAI) research project, funded by the National Institute of Justice, is analyzing the unique vulnerabilities of higher education’s networks and their impact on public safety. In addition to collecting survey and interview data, ISAI has partnered with DShield.org to create a distributed intrusion detection system for higher education, which is the first sector-specific system of its kind.
The pilot program launches with three universities and aggregates anonymous firewall and intrusion detection data to correlate attacks and identify commonalities. Participants are given a log-in to a dashboard that aggregates anonymous threat data across the higher education sector, as well as provides an in-depth view of their own university or college. Universities and colleges can apply for participation in the pilot program by calling (917) 783-8496 or via e-mail at e-mail protected from spam bots.
The site, located at http://dshield.infosecurityresearch.org, is expected to complement the President’s National Strategy to Secure Cyberspace Actions and Recommendations 1-7 that encourage colleges and universities to establish one or more information sharing centers to deal with cyber attacks and vulnerabilities.
“Dshield.org provides excellent utility for IT Directors and Information Security Officers around the world. Applying this technology specifically to the higher education sector helps us pinpoint threats to networks and develop highly effective remediation strategies,” said Dr. Steffani Burd, Executive Director, ISAI.
The ISAI partnership augments Dshield.org’s significant growth. “When I created DShield.org, it was to build an information sharing analysis center (ISAC) for the little guy who couldn’t participate in the banking or energy ISACs. Now we are receiving 24 million records per day. It will be interesting to see what we can learn when we apply our approach to specific industry verticals, like higher education, which inspired us to build DShield.org to begin with,” said Johannes Ulrich, founder of DShield.org and CTO of the SANS Internet Storm Center (ISC).
DShield.org is a free distributed intrusion detection system that provides a platform for firewall users to share intrusion information. Since DShield.org’s official launch in 2000, it has grown to be a dominating attack correlation engine with worldwide coverage, and is the data collection engine behind the SANS Internet Storm Center. Analyses provided by DShield.org have been used in early detection of worms such as Ramen, Code Red, Leaves, and SQL Snake.
The ISAI research project is funded by the National Institute of Justice and conducted through Columbia University’s Teachers College. Survey and interview data is currently being collected from over one hundred IT directors of colleges and universities across the U.S. Three universities’ networks will be monitored for network analysis. This data will be integrated with federal policy and best practices to create recommendations and implementation options. Results of this 18-month project will be released in 2006.
This project is supported by Grant No. 2004-IJ-CX-0045 awarded by the National Institute of Justice, Office of Justice Programs, US Department of Justice. Points of view in this document are those of the author and do not necessarily represent the official position or policies of the US Department of Justice.