Département d'ingénierie informatique

Security

Intrusion Detection
Project leader: B. Le Charlier

Researchers: X. Martin, N. Vanderavero

Collaboration:

Funds: FSR

Description:

Intrusion detection deals with the prevention of attacks on computer systems (computer worms, Trojan horses, denial of service, etc.). We are mainly interested in the definition and implementation of computer languages specialized in the detection of this kind of attack. We maintain and develop the ASAX system, created at FUNDP in 1991.

On the one hand, a detailed study of the performance of ASAX has been carried out, using as a benchmark a set of tests proposed by DARPA. We are currently working on the optimization of ASAX to allow the simultaneous execution of a large number of intrusion detection rules under heavy load (analysis of high-speed networks).

On the other hand, we have built a system to collect malicious information, named the "Honeytank". This system is significantly more efficient than classical "honeypots", but it does not yet collect information of as good quality. In the future, we will try to improve the "Honeytank", focusing on the following aspects: quality of the service simulation and non-detectability by attackers.