[Oisf-devel] Oisf-devel Digest, Vol 35, Issue 18
Victor Julien
victor at inliniac.net
Wed Mar 13 15:41:11 UTC 2013
On 03/08/2013 12:36 PM, Prabhakaran Kasinathan wrote:
> I would like to start this thread again, since I am looking for anomaly
> detection in Suricata.
> I read from your blogs and previous updates from Suricata that your
> team were also working on anomaly detection in Suricata.
Not sure what you're referring to here.
> In particular my needs are, with some basic functions like, profile
> generation on a particular interface and trigger events in case of
> deviation from normal reference profile.
>
> I found this preprocessor in Snort, i.e. an Anomaly Detector
> (http://anomalydetection.info/). It looks interesting.
>
> Is there some way to integrate this existing plugin into Suricata?
There probably is, but our APIs are not compatible with Snort, so it will
require quite a bit of dev work.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------