IDS mailing list archives
Re: Alert Correlation
From: "SecurIT Informatique Inc." <securit () iquebec com>
Date: Wed, 13 Aug 2003 13:10:48 -0400
You can check the documentation from my tool LogIDS 1.0 (download at http://securit.iquebec.com), where I cover the theory behind this tool and how to configure it. It is a new kind of log analysis-based intrusion detection system, gathered from various sources across the network. This is not "event correlation" in the original meaning of the word, but rather an alternative way to see event correlation. This may give you a different look on the topic.
Hope it helps.
Floydman

At 04:30 PM 12/08/2003, Thiago Mello wrote:
> Hello,
> I'm doing research on alert correlation of IDS sensors, and until now I only just found two papers: Alert Correlation in a Cooperative Intrusion Detection Framework and Validation of Sensor Alert Correlators. If anybody could give me some links, I'll be very thankful.
> Regards,
> --
> Thiago Mello - tmello () pop com br