Open-source, Software only, Intrusion Detection System
Nowadays, computer systems have become more vulnerable to intrusions than ever. However, there is a limited number of open-source solutions to intrusion detection. Commercial products and hardware solutions are far too expensive for low-end users and enterprises. Our current research efforts focus on a fast, open-source intrusion detection system based on Snort and enriched with a fast pattern-matching algorithm, E2xB. i-Guard, the system we propose, is faster than existing solutions, even when it operates under attack conditions. Furthermore, it can be installed in every system, as it is a software-only solution, with a minimal cost of installation and maintenance.
You can download a graphical installer for i-Guard in zip or tar.gz format. The installer was tested for most operating systems.
For installation and usage instructions, you can refer to online manual (also available in pdf format)
- S. Antonatos, K. G. Anagnostakis, E. P. Markatos, M. Polychronakis. Performance Analysis of Content Matching Intrusion Detection Systems. Proceedings of the International Symposium on Applications and the Internet (SAINT2004), January 2004 (to appear). (pdf)
- K. G. Anagnostakis, E. P. Markatos, S. Antonatos, and M. Polychronakis. E2xB: A domainspecific string matching algorithm for intrusion detection. Proceedings of the 18th IFIP International Information Security Conference (SEC2003), May 2003. (pdf)
- E.P Markatos, S. Antonatos, M. Polychronakis and K.G Anagnostakis.
ExB: Exclusion-based signature matching for intrusion detection.
Proceedings of the IASTED
International Conference on Communications and Computer Networks (CCN),
pp. 146-152, Cambridge, USA, November 2002 (pdf
Fudning for this project is provided by the General Secretariat for Research and Technology through program PRAXE 02-210 "i-Guard: an integrated intrusion detection system for the Internet"