WELCOME TO the CRISIS home page. CRISIS (Critical Resource Allocation and Intrusion Response for Survivable Information Systems) has as its objective the unification of several disparate intrusion detection, response, and control tools. Specifically, it is designed to provide two basic services that till now have received less emphasis than they deserve:

• A coherent architecture for deploying intrusion detection and response tools. There are a great variety of intrusion detection systems and intrusion response tools available for use. Often, however, these systems and tools cannot cooperate in an efficient manner, in terms of sharing resources and pooling information. CRISIS will provide the platform on which existing and developing mechanisms can be deployed.
• Mechanisms for critical resource allocation. By the term critical resource allocation, we mean the allocation of computing, storage, and communication resources in the context of an attack. In particular, many attacks are designed to deny service to legitimate processes. In CRISIS, we will develop mechanisms to permit intrusion response tasks to take place, while still allowing "real" computation to proceed.

Table of Contents

• Background Information
• A Common Architecture for Intrusion Detection and Response
• Adaptive Critical Resource Allocation
• Lightweight Authentication
• Related Work
• People, Places, and Things
• Publications and Presentations
• Software to Download NEW!

(c) Copyright 1997 Brian Tung