Intrusion Detection Systems mailing list archives

Re: RE: DARPA Event Monitoring Enabling Responses to Anomalous Live Distu rbances

From: Alfonso Valdes <valdes () csl sri com>
Date: Thu, 24 Aug 2000 21:35:26 -0700

All:

Very pleased to see the buzz on this mailing list regarding our EMERALD system.

EMERALD consists of distributed lightweight sensors managed by a common
interface.  EMERALD is unique in its breadth of inference technology, sensor
placement, and breadth of coverage.  Our components have been deployed in DARPA
settings side-by-side with other systems, and have been very favorably
received.  The vision of the 97 conference paper has largely been realized.

At present, we have an internet-downloadable IDS component which protects
Solaris systems (host-based IDS).  We will shortly have an internet-release
suite of components for network IDS, using both probabilistic (including anomaly
detection) and signature-based techniques.

The web site gives download instructions as well as contact information,
technical articles, etc.

"Harris, Tim"
wrote:-----------------------------------------------------------------------------

Early Conference description circa 1997
http://www.sdl.sri.com/emerald/emerald-niss97.html

SRI Web Page
http://www.sdl.sri.com/emerald/

-----Original Message-----
From: Meritt, Jim [mailto:Jim.Meritt () wang com]
Sent: Wednesday, August 23, 2000 12:46 PM
To: 'Ids
Subject: IDS: DARPA Event Monitoring Enabling Responses to Anomalous
Live Distu rbances

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner () uow edu au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au
----------------------------------------------------------------------------
-
Anyone have information (besides their Aug 14 pres release, of course) on
EMERALD?

Thanks!

_______________________
The opinions expressed above are my own.  The facts simply are and belong to
none.
James W. Meritt, CISSP, CISA
Senior Secure Systems Engineer at Wang Government Services, Inc.

Attachment: valdes.vcf
Description: Card for Alfonso Valdes

Current thread:

RE: DARPA Event Monitoring Enabling Responses to Anomalous Live D istu rbances Crane, Caleb (Aug 24)
- <Possible follow-ups>
- RE: DARPA Event Monitoring Enabling Responses to Anomalous Live D istu rbances Harris, Tim (Aug 24)
  - Re: RE: DARPA Event Monitoring Enabling Responses to Anomalous Live Distu rbances Alfonso Valdes (Aug 25)