An independent test and evaluation of 15 different network intrusion-protection system products from seven vendors showed none were fully effective in warding off attacks against Microsoft, Adobe and other programs. NSS Labs, which conducted the test without vendor sponsorship of any kind, also evaluated the 15 network IPS offerings for their capability in responding to “evasions,” attacks delivered in an obfuscated and stealthy manner in order to hide. In that arena, Juniper Networks and TippingPoint didn’t perform particularly well. Juniper IPS scored lowest at only 17% effectiveness. The McAfee and IBM IPS, by contrast, held up particularly well in that arena.
After quite some time of silence regarding my work on Wireless Intrusion Detection and Prevention Systems (WIDS / WIPS), I’m considering continuing that work. In the past I have done research, published a couple of papers on this topic at conferences and in journals, and also created the concept, basic architecture and design of a system and products. This possible “reactivating” of the work is particularly pushed by recent interest from companies, organizations and institutions, including commercial, government etc., and by the requirements of many production environments.
This is just a brief description. If you are interested in more details or want to consider contribution or investment into this development, send me an e-mail.
The paper “Reduction of False Positive Intrusions by using Neural Nets”, which I worked on with colleagues, is now available at the IEEE Digital Library. Abstract: The main idea of this paper is to propose a new solution for a Wireless Intrusion …
The 8th IEEE International Conference – TELSIKS 2007 will take place from September 26 – 28, 2007 in Nis, Serbia. Visit the conference site here. The paper titled “Reduction of False Positive Intrusions by Using Neural Nets”, which I worked on with a couple …
My paper “Network Systems Intrusion: Concept, Detection, Decision, and Prevention” is published here; go to page 40. Abstract: This paper analyzes concepts for intrusion detection processes; building decision making (DM) criteria on the basis of intrusion detection, and prevention based on DM …
One of my research interests for the last couple of years has been Intrusion Detection and Prevention Systems (IDS/IPS), especially wireless and mobile. I call them WIDS/WIPS and MIDS/MIPS. My research work in this area also considers the usage of artificial intelligence …
The availability of a new version of OSSEC (Open Source Host-based Intrusion Detection System) was announced today on the SecurityFocus mailing list dedicated to intrusion detection systems. OSSEC performs log analysis, file integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. …
A week ago, Neel Mehta from IBM Internet Security Systems X-Force reported a vulnerability in Snort that can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error within the …
The 10th International Symposium on Recent Advances in Intrusion Detection 2007 (RAID 2007) will be held on September 5-7, 2007 at the Crowne Plaza Hotel, Gold Coast, Queensland, Australia. The symposium is hosted by the Information Security Institute, Queensland University of Technology, Brisbane, Australia. …