In the EMERALD development project, a suite of components is currently under preparation for final release. This includes monitors for a variety of network protocols, host-based monitors for different operating systems etc. First-level event analysis is performed through both signature analysis with expert systems and probabilistic anomaly detection. Other components handle message formatting and transportation, higher-level analysis, response etc.
If you are interested in the availability of EMERALD components for distribution or site licenses, please contact us at firstname.lastname@example.org for more information.
|Project Description||Conceptual Overview||Publications|
|Research Opportunities||Component Releases||IDS Research|
|System Design Lab||SRI International||Contact|