Re: Anomaly detection and Snort

["David J. Bianco" <david () vorant com>]

Mike DeGraw-Bertsch wrote:
> Howdy,
>
> My company, CounterStorm, has developed packet content level anomaly
> detection for the security space.  The technology builds statistical
> models of the contents of network traffic, and looks for anomalies
> within this.  It's distinctly different from most AD technology in that
> it's actually working on layer 7, not just looking at traffic volumes.
> We're considering making this available as a Snort module.

Sounds pretty neat.  Is this something you're considering releasing
as open source, or a binary-only distribution?

        David


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users