[355] in Intrusion Detection Systems
Summary of some IDS tools capabilities
daemon@ATHENA.MIT.EDU (Ludovic.Me@supelec-rennes.fr)
Wed Sep 20 14:16:15 1995
From: Ludovic.Me@supelec-rennes.fr
To: ids@uow.edu.au
Cc: lme@supelec-rennes.fr
Date: Wed, 20 Sep 95 11:41:14 +0100
Reply-To: ids@uow.edu.au
I am trying to summarize the capabilities of some
IDS tools. For that, I need your help! If you know
about one or several of the following tools, could you
please answer the following questions?
1 - Could you correct the following table?
----------------------------------------------------------------
| Tool           | Statistical | Expert | Neural   | Genetic   |
|                | method      | system | networks | Algorithm |
----------------------------------------------------------------
| IDES           |      X      |   X    |          |           |
| AudES          |             |   X    |          |           |
| Computer Watch |             |   X    |          |           |
| DIDS           |      X      |   X    |          |           |
| HAYSTACK       |      X      |   X    |          |           |
| ISOA           |      X      |   X    |          |           |
| MIDAS          |      X      |        |          |           |
| NADIR          |      X      |   X    |          |           |
| NIDX           |      X      |   X    |          |           |
| W&S            |      X      |   X    |          |           |
| Hyperview      |      X      |   X    |    X     |           |
| GASSATA        |             |        |          |     X     |
----------------------------------------------------------------
2 - Could you specify what kind of statistical methods are
used by each tool and what kind of expert system (I mean "anomaly
detection" or "penetration identification" ES)?
3 - Could you send me information on the availability
of each tool (commercial product (with price), freeware, lab prototype)
and information on the actual use of each tool?
4 - Finally, could you send me the same information on any other tool
forgotten in the previous table?
I will of course compile your answers and post the result to the ids mailing
list. Thanks in advance for responding ...
-- Ludovic Mé
-- SUPELEC
-- BP 28
-- 35511 Cesson Sevigne Cedex
-- Tel : 99.84.45.00
-- Fax : 99.84.45.99
-- email: lme@supelec-rennes.fr
-- web : http://www.supelec-rennes.fr/rennes/si/equipe/lme/lm_welcome.html
-- PGP : To get my 512 bits public key ID: 4824EBA9 (generated 1995/05/23)
-- uudecode the following file and merge the result lme.pgp to your
-- pubring by the command "pgp -ka lme.pgp".