I'm working on some new ideas for IDS (intrusion detection systems) and just curious if anyone can point me to what's being used today and considered for the future in terms of research. My interest is data centers, virtualization for PaaS/SaaS, and general server security threat detection related to I/O and networking related vulnerability.
I guess I should have known I'd get no answer - not secure here :). Anyway, I'm looking into semantic storage for IDS and specifically on both guest OS and type-1 hypervisor layer, perhaps with Ceph for both block and object stores, and would like to test with Kali (http://www.kali.org/). If anyone has experience or pointers here, much appreciated.
I happen to be interviewing vendors on IDS systems we are looking at a IDS that can be at the firewall, FIREYE, We will be putting the IDS on our ASES 5555. it is also available . I believe on VM cloud option.
Thanks Mike!
I'm focused on the file system and DB side (so once the intruder has made it through the network to the data center back end tier) - are you working principally on the front-end?
Either way, I'm sure there is overlap in terms of anti-pattern recognition, log file processing, and general machine learning methods applied to define normal and abnormal behavior.
I'll take a look at FIREYE
Sam
- Badges
- Science topic
- Similar topics
- Computer Communications (Networks)
- Simulators