IDS mailing list archives
Re: anomaly vs signature
From: "Rodrigo Blanco" <rodrigo.blanco.r () gmail com>
Date: Tue, 8 Aug 2006 10:12:07 -0600
Hello, with such a changing market, any "complete" product list might be obsolete tomorrow... :-) also, bear in mind the different approaches (host/network-based, detection/prevention, ...) but here you go, this is quite a complete one: http://www.honeypots.net/ids/products IMHO, more vendors are still focused on signature systems, rather than anomaly detection. But this should change in the future with more vendors using multiple decision criteria ("hybrid" solutions). A good example of a hybrid technology is McAfee Intrushield (IPS), which combines signature and anomaly detection: https://secure.nai.com/us/enterprise/products/network_intrusion_prevention/index.html Best regards, Rodrigo. On 26/07/06, miaomitiff119 <miaomitiff119 () gmail com> wrote:
Recently I was given a task to survey the relative success of Intrusion Signature Detection and Intrusion Anomaly Detection. Does anyone know how to get a complete list of all IDS products?:) From what I know, there are more signature detection systems on the market than the anomaly detection systems...is that true? What about the hybrid of the two?:) Thank you!!!! -- View this message in context: http://www.nabble.com/anomaly-vs-signature-tf2003214.html#a5501191 Sent from the IDS (Intrusion Detection System) forum at Nabble.com. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
Current thread:
- Re: anomaly vs signature SanjayR (Aug 02)
- Re: anomaly vs signature Roland Dobbins (Aug 03)
- Re: anomaly vs signature Michael Vergoz (Aug 07)
- <Possible follow-ups>
- Re: anomaly vs signature Rodrigo Blanco (Aug 08)
- Re: anomaly vs signature Roland Dobbins (Aug 03)