Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: IDS with Case-Based Reasoning

from [Stefano Zanero] Network Security [Permanent Link]
Subject: Re: IDS with Case-Based Reasoning
Date: Wed, 31 Aug 2005 21:20:45 +0200 
Israel wrote:


It will be use Case-Based Reasoning and handle a repository with the
malicious network log to generate responses.


Israel,

what I suggest to you is a deep research in literature - many things
have already been done, tried and tested. We do not want to reinvent the
wheel, or to try to make it square and see if it works, do we ? :)

Second, you need to better define your problem. What you want to analyze
? What's the objective to it ? "Case Based Reasoning" is very much like
saying nothing: it's a broad class of methods, but you should try to
clarify what you want to do a little bit.

Finally, there's a couple of programs (snot and mucus) that already
generate packets from snort rules. I cannot see why you would want to do
that, but if you want to, you have no need to write them from scratch.

Best,
Stefano Zanero
Ph.D. Student
Politecnico di Milano - Dip. Elettronica e Informazione
www.elet.polimi.it/upload/zanero

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: IPS technology question., THolman
Next by Date:  Re: NADS ( was RE: IPS comparison), Iván Arce
Previous by Thread:  Re: IDS with Case-Based Reasoning, Israel
Next by Thread:  Re: IDS with Case-Based Reasoning, Israel
Indexes:  [Date] [Thread] [Top] [All Lists]