« Return to Thread: anomaly vs signature
Re: anomaly vs signature
by Rodrigo Blanco
::
Rate this Message:
Hello,
with such a changing market, any "complete" product list might be
obsolete tomorrow... :-) also, bear in mind the different approaches
(host/network-based, detection/prevention, ...) but here you go, this
is quite a complete one:
http://www.honeypots.net/ids/products
IMHO, more vendors are still focused on signature systems, rather than
anomaly detection. But this should change in the future with more
vendors using multiple decision criteria ("hybrid" solutions).
A good example of a hybrid technology is McAfee Intrushield (IPS),
which combines signature and anomaly detection:
https://secure.nai.com/us/enterprise/products/network_intrusion_prevention/index.html
Best regards,
Rodrigo.
On 26/07/06, miaomitiff119 <miaomitiff119@...> wrote:
>
> Recently I was given a task to survey the relative success of Intrusion
> Signature Detection and Intrusion Anomaly Detection. Does anyone know how to
> get a complete list of all IDS products?:) From what I know, there are more
> signature detection systems on the market than the anomaly detection
> systems...is that true? What about the hybrid of the two?:)
>
> Thank you!!!!
> --
> View this message in context: http://www.nabble.com/anomaly-vs-signature-tf2003214.html#a5501191
> Sent from the IDS (Intrusion Detection System) forum at Nabble.com.
>
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> to learn more.
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
with such a changing market, any "complete" product list might be
obsolete tomorrow... :-) also, bear in mind the different approaches
(host/network-based, detection/prevention, ...) but here you go, this
is quite a complete one:
http://www.honeypots.net/ids/products
IMHO, more vendors are still focused on signature systems, rather than
anomaly detection. But this should change in the future with more
vendors using multiple decision criteria ("hybrid" solutions).
A good example of a hybrid technology is McAfee Intrushield (IPS),
which combines signature and anomaly detection:
https://secure.nai.com/us/enterprise/products/network_intrusion_prevention/index.html
Best regards,
Rodrigo.
On 26/07/06, miaomitiff119 <miaomitiff119@...> wrote:
>
> Recently I was given a task to survey the relative success of Intrusion
> Signature Detection and Intrusion Anomaly Detection. Does anyone know how to
> get a complete list of all IDS products?:) From what I know, there are more
> signature detection systems on the market than the anomaly detection
> systems...is that true? What about the hybrid of the two?:)
>
> Thank you!!!!
> --
> View this message in context: http://www.nabble.com/anomaly-vs-signature-tf2003214.html#a5501191
> Sent from the IDS (Intrusion Detection System) forum at Nabble.com.
>
>
> ------------------------------------------------------------------------
> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it
> with real-world attacks from CORE IMPACT.
> Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
> to learn more.
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
« Return to Thread: anomaly vs signature
| Free embeddable forum powered by Nabble | Forum Help |
