Timeline description of IDS

Justin J. Lister (ruf@SPi)
Tue, 22 Nov 1994 07:41:22 +1100 (EST)

G'day all,

    I want to create a historical database of Intrusion Detection
Systems that have been or are currently being developed. I was interested in
finding any systems that were missing from my list. While I have a lot
of the information necessary to construct the list, at the moment I
lack the time (working on a thesis). I thought that it might be useful
to post the list of systems I know about and the format for the
database records (that way anyone associated with various systems
might like to fill in the record for me). B)

Thanks for your assistance...

-----[ F O R M A T ]-------------------------------------------------

System Name:  | Research Project Name: 
Institution(s):
Contact Reference:
Author(s): | Developer(s): | Tester(s):
Project Start Date: | Project Finish Date:
System Environment(s): {System, OS, GUI, System Function, Network
  Access [Addr], # Users, ...}
Version Info: {# : Date, ...}

Keywords: 

Brief System Description: (6-12 lines)

An example record

-----------------------------------------------------------------------

System Name: Discovery.
Institution(s): TRW Information Services.
Contact Reference: ??
Author(s): William T. Tener
Project Start Date: 1986  Project Finish Date: ??
System Environment(s): IBM 3090s, MVS, ??, Credit Database, dial-up
access, 400,000 inquiries/day, 120,000 access codes.
Version Info: ??

Keywords: data driven, customer profiles, pattern recognition, anomaly
detection.

Brief System Description:

Discovery searches for frequently occurring customer service access
patterns to develop a ``user profile'' of customer inquiries. Daily
customer inquiries are analyzed for error-free inquiries, which are
compared with the established customer profiles. Records which fall
within acceptable bounds (using a weighted algorithm) are dropped from
further processing; all records outside these bounds are recorded for
further processing, and an error rejection message is displayed.
Utilizes a self-learning, data driven expert system for pattern
recognition. Capable of reviewing 400,000 inquiries per day, from a
potential base of 120,000 customer access codes. The system is dynamic
in its ability to detect and absorb subtle changes in user inquiry
formats over time.

-- 
+---------------------+--------------------------------------------------+
|  ____       ___     | Justin Lister                 ruf@cs.uow.edu.au  |
| |    \\   /\ __\    |     Center for Computer Security Research        |
| | |) / \_/ / |_     | Dept. Computer Science      voice: 61-42-835-114 |
| |  _ \\   /| _/     | University of Wollongong      fax: 61-42-832-807 |
| |_/ \/ \_/ |_| (tm) |     Computer Security a utopian dream...         |
|                     |       Disclaimer: dreaming is at own risk        |
+---------------------+--------------------------------------------------+
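
A sketch of the profile-and-bounds approach that the Discovery record describes, added here as an illustration; it is not code from the post or from Discovery, whose actual algorithm the record does not give. The attribute names, weights, threshold and decay factor are all assumptions, and the sample inquiries are constructed.

```python
from collections import defaultdict
# Assumed values, not taken from the post or from Discovery itself.
WEIGHTS = {"inquiry_type": 0.5, "hour_band": 0.2, "terminal": 0.3}
THRESHOLD = 0.6  # weighted score above this is kept for further processing
DECAY = 0.9      # ageing factor so a profile follows gradual change

class Profile:
    """Decayed frequency counts of attribute values for one access code."""
    def __init__(self):
        self.counts = {f: defaultdict(float) for f in WEIGHTS}

    def rarity(self, field, value):
        total = sum(self.counts[field].values())
        return 1.0 if total == 0 else 1.0 - self.counts[field].get(value, 0.0) / total
    def score(self, inq):
        return sum(w * self.rarity(f, inq[f]) for f, w in WEIGHTS.items())

    def absorb(self, inq):
        for f in WEIGHTS:
            for v in self.counts[f]:
                self.counts[f][v] *= DECAY
            self.counts[f][inq[f]] += 1.0

def review_day(profiles, inquiries):
    """Return (access_code, score) for error-free inquiries outside the bound."""
    flagged = []
    for inq in inquiries:
        if inq["error"]:
            continue  # only error-free inquiries are compared with profiles
        prof = profiles.setdefault(inq["access_code"], Profile())
        s = prof.score(inq)
        if s > THRESHOLD:
            flagged.append((inq["access_code"], round(s, 2)))
        else:
            prof.absorb(inq)  # in-bounds record is dropped but updates the profile
    return flagged

def demo():
    """Constructed sample data: 20 routine inquiries, then one day's traffic."""
    def inq(t, h, term, err=False):
        return {"access_code": "AC-1001", "inquiry_type": t, "hour_band": h,
                "terminal": term, "error": err}
    profiles = {"AC-1001": Profile()}
    for _ in range(20):
        profiles["AC-1001"].absorb(inq("credit_report", "business", "T1"))
    day = [inq("bulk_lookup", "night", "T9"),             # far from the profile
           inq("bulk_lookup", "night", "T9", err=True),   # errored, skipped
           inq("credit_report", "night", "T1")]           # small shift, absorbed
    return review_day(profiles, day), profiles
```

Only the first inquiry is reported; the small time-of-day shift stays inside the bound and is folded into the profile, which is the "absorb subtle changes" behaviour the record mentions.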