[Snort-users] Anomaly detection and Snort

David J. Bianco david at ...13799...
Thu Apr 12 16:37:24 EDT 2007


Mike DeGraw-Bertsch wrote:
> Howdy,
> 
> My company, CounterStorm, has developed packet content level anomaly
> detection for the security space.  The technology builds statistical
> models of the contents of network traffic, and looks for anomalies
> within this.  It's distinctly different from most AD technology in that
> it's actually working on layer 7, not just looking at traffic volumes.
> We're considering making this available as a Snort module.
>

Sounds pretty neat.  Is this something you're considering releasing
as open source, or a binary-only distribution?

	David





More information about the Snort-users mailing list