Grant A. Jacoby

Battery-based intrusion detection

This paper proposes an early warning system via a host-based form of intrusion detection that can alert security administrators to protect their corporate network(s). This innovative technique operates through the implementation of battery-based intrusion detection (B-bid) on mobile devices by correlating attacks with their impact on device power consumption using a rules-based host intrusion detection engine (HIDE). HIDE monitors power behavior to detect potential intrusions by noting irregularities of power consumption.

Battery-based intrusion detection a first line of defense

This paper proposes a first line of defense early warning system via a host-based form of intrusion detection that can alert security administrators to protect their corporate network(s). This innovative technique operates through the implementation of battery-based intrusion detection (B-bid) on mobile devices by correlating attacks with their impact on device power consumption using a rule-based host intrusion detection engine (HIDE). HIDE monitors power behavior to detect potential intrusions by noting irregularities of power consumption and works in conjunction with a host analysis signature trace engine (HASTE) to provide protection to both mobile hosts and, by extension, their affiliated network.

Mobile Host-Based intrusion Detection and Attack Identification

Although much attention has focused on optimizing power in batteries for mobile devices, little attention to date has focused on battery constraints to determine if an attack is present. This research proposes that resident monitoring of the demands placed on a batterys current (mA) and other system processes can be used as an early-warning, trip-wire-like sensor for mobile hosts as a means to block attacks as well as to identify them.

Using Battery Constraints within Mobile Hosts to Improve Network Security

Distributed battery-based intrusion detection (B-BID) is an efficacious early-warning system that can complement existing intrusion detection systems (IDSs) by alerting users to protect their mobile devices as well as network administrators to protect their corporate networks by correlating device power consumption with application and attack activity data

Intranet portal model and metrics: a strategic management perspective

Although many corporations store a great deal of information in their corporate intranets, few have a reliable means of measuring the effectiveness of their intranet portals to use this information to meet specific business needs. Turning information into knowledge capital that corporations can leverage quickly for competitive advantage requires a model and supporting metrics. Most intranet portal measurements are based almost exclusively on usage statistics - with little or no thought given to design or user experience - and corporations apply them in a nonstandardized manner, providing no meaningful insight into how well intranets help corporations achieve their strategic objectives. What has been missing is a comprehensive model and methodology to base measurements on logically related groups of metrics, which, when measured periodically, provide actionable steps to optimize the efficiency and effectiveness of intranet portals.

Intranet model and metrics

Measuring intranet overall value contributions based on a corporations critical business requirements.

Effective Reporting (ER) for Mobile Host-Based Security and Forensics

A mobile devices intrusion protection system (IPS) is at odds with itself: it should run as often as necessary and remain transparent to the system and the users; however, it should use as little system resources as possible to detect, report and prevent intrusions. By creating a forensics report that regularly monitors demands placed on battery current (mA) as well as correlating power and event activities, such as processes, open ports, and registry keys, a mobile host-based form of intrusion protection can be easily integrated into virtually any network intrusion detection system (IDS.) This paper outlines a novel design, test and build methodology to generate an effective security profile and an efficient bit-vector reporting format, to provide an enhancement in detecting, alerting and responding to various misuse conditions.

Monitoring Mobile Device Vitals for Effective Reporting (ER)

This paper outlines how to proactively screen the health of a corporate network and perform first aid by systematically monitoring vital signs of mobile devices within the network. The first contribution is the set of vital signs consisting of event activities such as registry content changes, active processes, open ports, power usage thresholds, and power signatures (using the Battery-based intrusion detection system) to detect and prevent system intrusions. These vital signs are periodically reported back to a monitor using agents we designed for effective reporting (ER). These ER agents are installed in hosts and routers throughout the network. To minimize communications overhead, we achieve a size reduction of the raw, XML health reports by over 98% in a short-list, delta-set update. As a result, a 1.07 MB update was reduced to only 3,756 B. These updates are received by the ER monitor(s) and analyzed using existing intrusion detection and prevention systems providing a means to diagnose and isolate potential health hazards within the network that are not perceptible to individual devices

Towards command and control networking of cooperative autonomous robotics for military applications (CARMA)

This research focuses on the development of a network of cooperative autonomous robotics for military applications (CARMA) that work together to search, track, carry, deploy and retrieve sensor and other small payloads for a variety of purposes. CARMA addresses how the distributed hierarchical structure employed by the military is ideally suited as an efficient and robust model for distributed cooperative robotics that reduces the operator-to-robot ratio, which until now has been mostly biologically-inspired.

Battery-Based Intrusion Detection: A Focus on Power for Security Assurance

An intrusion detection system (IDS) for mobile devices is at odds with itself: IDS should run continuously and remain transparent to the system and the user(s); however, the IDS should use as little system resources as possible to detect and prevent intrusions. This paper proposes an efficacious early warning system via a mobile host-based form of intrusion detection that can alert security administrators to protect their corporate network(s). This innovative technique operates through the implementation of battery-based intrusion detection (B-bid) on mobile devices by correlating attacks with their impact on device power consumption using a rules-based host intrusion detection engine (HIDE). HIDE monitors power behavior to detect potential intrusions by noting irregularities of power consumption and works in conjunction with a scan port intrusion engine (SPIE) and a host analysis signature trace engine (HASTE) to provide protection to both mobile hosts and, by extension, their affiliated network(s).