there is a mistake in my previous post...
Please read the first line as "Yes...its true that there are more
misuse based ID systems than the anomaly based. "
thanks
At 11:02 AM 7/28/2006, SanjayR wrote:
Yes...its true that there are more anomaly based ID systems than the
misuse based. One possible reason may be the rate of FPs for anomaly
based systems. If you look at the research perspective, there is a
big gap between the research and commercial ID systems. Reason may
be research is focusing on Machine learning, data mining algorithms
and such algorithms may be expensive specially in the case of IPS
(in case of IDS, it should be OK). However, good thing is that, now
I hear companies talking about anomaly based detection engine in
their products. Therefore, we are going to see some hybrid IDS too..
there is a list of products on Honeynet..
http://www.honeypots.net/ids/products
thanks
-Sanjay
At 04:33 PM 7/26/2006, miaomitiff119 wrote:
Recently I was given a task to survey the relative success of Intrusion
Signature Detection and Intrusion Anomaly Detection. Does anyone know how to
get a complete list of all IDS products?:) From what I know, there are more
signature detection systems on the market than the anomaly detection
systems...is that true? What about the hybrid of the two?:)
Thank you!!!!
--
View this message in context:
http://www.nabble.com/anomaly-vs-signature-tf2003214.html#a5501191
Sent from the IDS (Intrusion Detection System) forum at Nabble.com.
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Sanjay Rawat
INTOTO Software (India) Private Limited
Homepage: http://sanjay-rawat.tripod.com
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks
from CORE IMPACT.
Go to
http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Sanjay Rawat
Senior Software Engineer
INTOTO Software (India) Private Limited
Uma Plaza, Above HSBC Bank, Nagarjuna Hills
PunjaGutta,Hyderabad 500082 | India
Office: + 91 40 23358927/28 Extn 422
Website : www.intoto.com
Homepage: http://sanjay-rawat.tripod.com
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
