IDS mailing list archives
RE: Current research on IDS
From: "Dimitrios Patsos" <dpat () space gr>
Date: Thu, 11 Jan 2007 17:09:25 +0200
Hi Mark, IDS/IPS research is still on..
From what I know, the RAID (Recent Advances in Intrusion Detection) 2007
symposium will be held for 10th consecutive year. CERIAS at Purdue University are still quite active, as well as NC State University at NY, Lincoln Laboratory at MIT, IDS Lab at Columbia, UC Davis, Carnegie Mellon, Microsoft Research, Mc Afee, etc. However, there is a major change to the topics that IDS research is currently addressing. It is true that behavioral analysis & pattern recognition are quite mature to be further developed (this doesn't mean that there is not heavy research on these topics). Current hot topics, to the best of my knowledge, are automatic signature generation, rate-limiting mechanisms, mimicry attack prevention techniques, etc. What seems to be of interest is integration of Intrusion Detection/Prevention with vulnerability assessment, standardization of vulnerability reporting and vulnerability semantics (however elementary this may seem, it is not yet resolved), integration with Security Information Management Systems, active responses, etc. Personally, I am working with a number of researchers on evolving the so-called "Intrusion Management Systems", a technology that can automatically produce and enforce adaptive and active response policies by concurrently addressing vulnerabilities, exploits and IDS signatures on distinct network flows. We have come to a number of unaddressed issues that have to be resolved before proceeding. Regards, Dimitrios G. Patsos -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of markospl Sent: Wednesday, January 10, 2007 1:02 PM To: focus-ids () securityfocus com Subject: Current research on IDS Hello, I would like to familarize with the current state of art (and research) on IDS. Unfortunately when I tried to contact with some widely-known scientific groups (columbia university, ibm zurich, etc.) I was informed that they reduced or even stopped working on that problems. Therefore I am wondering - does IDS is still being researched in scientific (academic) community? Is yes, could you give me some hints to the places where it is being researched and what are hot topics nowadays? Thank you very much! Regards, mark -- View this message in context: http://www.nabble.com/Current-research-on-IDS-tf2951848.html#a8255648 Sent from the IDS (Intrusion Detection System) mailing list archive at Nabble.com. ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=in tro_sfw to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- Current research on IDS markospl (Jan 10)
- RE: Current research on IDS Dimitrios Patsos (Jan 11)
- Re: Current research on IDS Raffael Marty (Jan 26)
- Re: Current research on IDS Karsten Iwen (Jan 11)
- Re: Current research on IDS Konrad Rieck (Jan 11)
- <Possible follow-ups>
- Re: Current research on IDS Maarten Van Horenbeeck (Jan 12)
- RE: Current research on IDS Dimitrios Patsos (Jan 11)