Re: HIDS misuse based and BSM file

["Sanjay R" <2sanjayr () gmail com>]

I don't know about the products/ready-made tools as such, but most of
the research proposals on HIDS+Misuse are/were based on BSM system
trace. the reason being the DARPA data for HIDS is collected by using
BSM.

-Sanjay

On 19 Jan 2007 17:18:38 -0000, matteo.ignaccolo () gmail com
<matteo.ignaccolo () gmail com> wrote:
> Hi,
> I am a computer science student, I'm doing a taxonomy of IDS for an university project.
> I'm searching for host ids misuse based (signature based) that read Basic Security Module audit data files, if exist, 
> in particular open source or academic products. Ideas?
>
> Tanks,
>
> Matteo Ignaccolo
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
> to learn more.
> ------------------------------------------------------------------------


--
PhD
Intoto Softwares, Hyderabad, India

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------