Tools for Intrusion Detection: Results and Lessons Learned from the ASAX Project

Agenda

ASAX ’s view of the ID problem

Functional Requirements in ASAX

ASAX: Language-based approach to ID

Intuitive Overview of RUSSEL

Combining Static Audit with Intrusion Detection

Distributed Audit Tail Analysis with RUSSEL

Recent Results in ASAX

ASAX in the commercial and research communities

The gap to better acceptance

Conclusions and lessons learned

For more information on ASAX