Re: IDS - DECISION SUPPORT SYSTEM

[Avi C <chesla () 012 net il>]

Try to search for expert systems that are used for correlating intrusion
events. There are some academic researches and patents/pending patents and
this area.

Avi.


----- Original Message ----- 
From: <trantichphuoc () yahoo com>
To: <focus-ids () securityfocus com>
Sent: Friday, August 12, 2005 7:18 AM
Subject: IDS - DECISION SUPPORT SYSTEM


> Hi There
>
> I am doing a project of applying data mining techniques to Intrusion
Detection systems.
> I am also interested in DECISION SUPPORT SYSTEM (Note that this is
decision SUPPORT system, not decision MAKING. So it does not make decision
but SUPPORT the decision making process.). So I decide to have DECISION
SUPPORT SYSTEM as a section of my project.
> The problem is that I dont know how to LINK Intrusion Detection to
DECISION SUPPORT SYSTEM.
> I thought: IDS can detect possible THREATS and this helps Network Admin to
make DECISION about the security level, or DO corrective ACTIONS.
> Can you give me some thoughts of HOW TO LINK/RELATE IDS to DECISION
SUPPORT SYSTEM? In the other words, how IDS can be considered as a DECISION
SUPPORT SYSTEM and are there any products relating to this topic in real
world?
> Thanks
>
> Have a nice day
>
> Patrick Tran
>
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> to learn more.
> ------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------