FLC News

Autonomous Metadata Producer

DConT2

Scientists at the National Security Agency (NSA) have developed the autonomous metadata producer (AMP), a server configured with specialized, commercially available hardware to collect packet headers at high rates and software to turn those packet headers into valuable metadata for export. It generates custom records of network traffic independent of any network hardware (i.e., routers). It circumvents a number of problems that arise when these records are generated by routers or other devices, and performs analysis for intrusion detection. AMP enhances flow-based metadata systems by allowing customization to optimize flow collection and analysis. The AMP typical flow aggregation scheme is enhanced to become an intrusion detection and analysis tool. The AMP delivers more accurate data records with better precision and reliability than router-generated flow systems.

Demonstration Capability

There is a presentation and a proof-of-concept available to show the ability of a server to generate flow records at the rates needed.

Potential Commercial Application(s)

This technology applies to applications that use flow base processing, network intrusion and metadata production.

Patent Status

A patent application has been filed with the USPTO.

More info: Contact the NSA at 443-445-7159 or express your interest in writing to National Security Agency, NSA Technology Transfer Program, 9800 Savage Road, Suite 6541, Fort George G. Meade, MD 20755-6541.

Category: 
FLC News