Scalable Monitoring in the Extreme (SMITE)

Our approach with SMITE is to provide a complete solution to the problem of scalable network monitoring.

Doodlebug

The Doodlebug approach will build a robust, redundant, decentralized network for event correlation, producing rich results by incorporating very large amounts of information.

Grasp

The GRASP applies application intrusion detection to detect the attacker, followed by proactive deception of the attacker to elicit information about the attacker’s skills, determination, resources and identity. GRASP analyzes the intrusion and changes the fine-grained security policy to prevent the intrusion in the future. GRASP collects its knowledge subtly over time and piece-by-piece. Machine learning techniques synthesize the attacker model from all the individual observations.