Event Monitoring Enabling Responses to Anomalous Live Disturbances


  • eXpert-BSM: host-based intrusion detection for Solaris

In the EMERALD development project, a suite of components is currently under preparation for final release. This includes monitors for a variety of network protocols, host-based monitors for different operating systems etc. First-level event analysis is performed through both signature analysis with expert systems and probabilistic anomaly detection. Other components handle message formatting and transportation, higher-level analysis, response etc.

If you are interested in the availability of EMERALD components for distribution or site licenses, please contact us at emerald-release@sdl.sri.com for more information.


  Project Description Conceptual Overview Publications
  Research Opportunities Component Releases IDS Research
  System Design Lab SRI International Contact