|
PAYL is a payload-based anomaly detector. It models the normal application
payload of network traffic in a fully automatic, unsupervised and very
efficient fashion, and is designed to detect attacks that are otherwise
normal connections except that the packets carry bad (anomalous) content
indicative of a new exploits.
|
|
The Worminator project, part of the Intrusion Detection Systems group at Columbia University,
aims to support next-generation distributed intrusion detection technologies, using Counterstorm's
Antura sensor and the Columbia IDS PAYL sensor.
|
|
The Prophet project, part of the Intrusion Detection Systems Lab, generates attacker profiles automatically
based on statistical information of the attacker behaviors. The goal of this project is to be able to predict future
attacks, given the profiles created.
|
|
|
For even older projects, check the old IDS website.
|