Re: IDS - DECISION SUPPORT SYSTEM

From: Avi C (chesla_at_012.net.il)
Date: 08/16/05

  • Next message: Bill Stout: "RE: A possible HIPS? Was: Looking for HIDS-only products for XP/2000Pro" 
    Date: Tue, 16 Aug 2005 18:31:52 +0200
To: trantichphuoc@yahoo.com, focus-ids@securityfocus.com

    Try to search for expert systems that are used for correlating intrusion
    events. There are some academic researches and patents/pending patents and
    this area.

    Avi.

    ----- Original Message -----
    From: <trantichphuoc@yahoo.com>
    To: <focus-ids@securityfocus.com>
    Sent: Friday, August 12, 2005 7:18 AM
    Subject: IDS - DECISION SUPPORT SYSTEM

    > Hi There
    >
    > I am doing a project of applying data mining techniques to Intrusion
    Detection systems.
    >
    > I am also interested in DECISION SUPPORT SYSTEM (Note that this is
    decision SUPPORT system, not decision MAKING. So it does not make decision
    but SUPPORT the decision making process.). So I decide to have DECISION
    SUPPORT SYSTEM as a section of my project.
    >
    > The problem is that I dont know how to LINK Intrusion Detection to
    DECISION SUPPORT SYSTEM.
    >
    > I thought: IDS can detect possible THREATS and this helps Network Admin to
    make DECISION about the security level, or DO corrective ACTIONS.
    >
    > Can you give me some thoughts of HOW TO LINK/RELATE IDS to DECISION
    SUPPORT SYSTEM? In the other words, how IDS can be considered as a DECISION
    SUPPORT SYSTEM and are there any products relating to this topic in real
    world?
    >
    > Thanks
    >
    > Have a nice day
    >
    > Patrick Tran
    >
    >
    > ------------------------------------------------------------------------
    > Test Your IDS
    >
    > Is your IDS deployed correctly?
    > Find out quickly and easily by testing it
    > with real-world attacks from CORE IMPACT.
    > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
    > to learn more.
    > ------------------------------------------------------------------------
    >

    ------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it
    with real-world attacks from CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
    to learn more.
    ------------------------------------------------------------------------

  • Next message: Bill Stout: "RE: A possible HIPS? Was: Looking for HIDS-only products for XP/2000Pro"

    Relevant Pages

    • Re: [BULK] IDS - DECISION SUPPORT SYSTEM
      ... IDS, provided you can identify the true sources of data wherein attacks ... >I am doing a project of applying data mining techniques to Intrusion ... >decision SUPPORT system, not decision MAKING. ...
      (Focus-IDS)
    • IDS - DECISION SUPPORT SYSTEM
      ... The problem is that I dont know how to LINK Intrusion Detection to DECISION SUPPORT SYSTEM. ... IDS can detect possible THREATS and this helps Network Admin to make DECISION about the security level, ...
      (Focus-IDS)
    • Re: IDS - DECISION SUPPORT SYSTEM
      ... My suggestion is to use counters for several types of entities. ... Then you use thresholds based on the ... > The problem is that I dont know how to LINK Intrusion Detection to DECISION SUPPORT SYSTEM. ... IDS can detect possible THREATS and this helps Network Admin to make DECISION about the security level, ...
      (Focus-IDS)