[576] in Intrusion Detection Systems
Re: My Introduction
daemon@ATHENA.MIT.EDU (Aziz MOUNJI)
Sat Feb 10 13:36:52 1996
Date: Wed, 7 Feb 1996 10:22:20 +0100
From: amo@info.fundp.ac.be (Aziz MOUNJI)
To: ids@UOW.EDU.AU
Reply-To: ids@uow.edu.au
Mark Riggins wrote:
> From: mdr@vodka.sse.att.com
> Subject: My Introduction
> As part of this effort, I have developed an
> alarm rules language. The language was designed to be easily and
> quickly implemented and extensible, sacrificing readability because
> its rules are generated by a GUI interface.
In the ASAX project, we developed a rule-based language for audit trail analysis.
It is called Russel (RUle-baSed Sequence evaluation Language). It offers
control structures and supports on-line analysis. Its main feature is the
capability of detecting the occurrence of *sequences* of events instead of
single events. It has an interface to C. We are working on a distributed
implementation of Russel.
> Does anyone have an index of all the best articles, journals, papers etc?
All papers can be obtained from ftp.info.fundp.ac.be under /pub/users/amo/papers
Aziz Mounji.
--------------------------+-------------------------------------
| Abdelaziz Mounji | amo@info.fundp.ac.be |
| ASAX project | http://www.info.fundp.ac.be/~amo |
| Institut d'Informatique | voice: +32 81 724987 |
| University of Namur | Fax : +32 81 724967 |
----------------------------------------------------------------