
| Subject: | Re: Current research on IDS |
|---|---|
| Date: | Wed, 24 Jan 2007 14:06:51 -0800 |

Don't forget to check out where industry is on all of this. For example, the security information management market is something to look into. There we have been doing the "vulnerability-IDS" feed correlation for a long time. Also, the automated procedures for active response are something that is used in production to date. [Let's not get into a discussion whether that's smart or not. There are cases where it absolutely is!]

My 2 cents

-raffy

Hi Mark,

IDS/IPS research is still on. From what I know, the RAID (Recent Advances in Intrusion Detection) 2007 symposium will be held for the 10th consecutive year. CERIAS at Purdue University are still quite active, as well as NC State University at NY, Lincoln Laboratory at MIT, IDS Lab at Columbia, UC Davis, Carnegie Mellon, Microsoft Research, McAfee, etc.

However, there is a major change to the topics that IDS research is currently addressing. It is true that behavioral analysis & pattern recognition are quite mature to be further developed (this doesn't mean that there is not heavy research on these topics). Current hot topics, to the best of my knowledge, are automatic signature generation, rate-limiting mechanisms, mimicry attack prevention techniques, etc.

What seems to be of interest is integration of Intrusion Detection/Prevention with vulnerability assessment, standardization of vulnerability reporting and vulnerability semantics (however elementary this may seem, it is not yet resolved), integration with Security Information Management Systems, active responses, etc.

Personally, I am working with a number of researchers on evolving the so-called "Intrusion Management Systems", a technology that can automatically produce and enforce adaptive and active response policies by concurrently addressing vulnerabilities, exploits and IDS signatures on distinct network flows. We have come to a number of unaddressed issues that have to be resolved before proceeding.

Regards,
Dimitrios G. Patsos

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On Behalf Of markospl
Sent: Wednesday, January 10, 2007 1:02 PM
To: focus-ids@securityfocus.com
Subject: Current research on IDS

Hello,

I would like to familiarize myself with the current state of the art (and research) on IDS. Unfortunately, when I tried to contact some widely-known scientific groups (Columbia University, IBM Zurich, etc.) I was informed that they reduced or even stopped working on those problems. Therefore I am wondering - is IDS still being researched in the scientific (academic) community? If yes, could you give me some hints to the places where it is being researched and what are hot topics nowadays?

Thank you very much!

Regards,
mark

--
View this message in context: http://www.nabble.com/Current-research-on-IDS-tf2951848.html#a8255648
Sent from the IDS (Intrusion Detection System) mailing list archive at Nabble.com.

--
Raffael Marty, GCIA, CISSP raffael.marty@arcsight.com
Manager Strategic Application Solutions
ArcSight, Inc. +1 (408) 864 2662
http://secviz.org