intrusion detection system

From: Tomas Pluskal (plusik_at_pohoda.cz)
Date: 10/18/04

    Date: Mon, 18 Oct 2004 15:18:31 +0200 (CEST)
    To: freebsd-security@freebsd.org, freebsd-hackers@freebsd.org
    
    

    Hello to all,

    I have implemented a new type of intrusion detection system for my Master's
    thesis. I would like to announce this information, in case anyone would be
    interested in this research.

    The IDS system is designed as a kernel module for FreeBSD 5.2. It is
    inspired by the SpamAssassin program, which detects spam by applying a set
    of tests to every email message and counting the sum of the point scores
    generated by each test. My IDS system applies a set of tests to every
    running process in the OS and counts its score generated by the tests.
    Therefore, the purpose of the IDS is not to monitor the network traffic,
    but rather to monitor the process activity.

    The current system status is a "working prototype" - it is more research
    than a real IDS.

    If you are interested in this, please read the details here:
    http://plusik.pohoda.cz/thesis/

    Thanks,

    Tomas