ACARM Filter Architecture

ACARM (Alert Correlation, Assessment and Reaction Module) is an open source intrusion detection system. It was developed as part of the POSITIF project between 2004 and 2007. It was written as a practical proof of concept, presented in the article.


Filters architecture

The following image shows the chain-like architecture for filters used in the system. Each alert enters each filter, stays there for a specified amount of time, and then proceeds further along the chain. The main issue with this approach is that an alert can be reported only after its processing is done, which in turn takes at least a few minutes.
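The sketch below is an added example, not ACARM code: a simplified model of the chain described above, showing why every alert's reporting delay is the sum of the filters' hold times. The two filters, their hold times and the sample alerts are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Alert:
    arrival: float        # second at which the sensor raised the alert
    source: str
    signature: str
    count: int = 1        # raw alerts merged into this one
    severity: int = 1
    ready: float = 0.0    # time at which the alert leaves its current filter

class Filter:  # one link of the chain: every alert is held for `hold` seconds
    def __init__(self, hold):
        self.hold = hold
    def process(self, alerts):
        kept = self.correlate(sorted(alerts, key=lambda a: a.ready))
        for a in kept:
            a.ready += self.hold      # cannot move on before the hold expires
        return kept

class MergeDuplicates(Filter):  # hypothetical: fold repeats seen during the hold
    def correlate(self, alerts):
        heads, kept = {}, []
        for a in alerts:
            head = heads.get((a.source, a.signature))
            if head is not None and a.ready - head.ready < self.hold:
                head.count += a.count
            else:
                heads[(a.source, a.signature)] = a
                kept.append(a)
        return kept

class EscalateRepeated(Filter):  # hypothetical: raise severity of merged bursts
    threshold = 3
    def correlate(self, alerts):
        for a in (x for x in alerts if x.count >= self.threshold):
            a.severity = 3
        return alerts

def run_chain(filters, alerts):
    for a in alerts:
        a.ready = a.arrival           # enters the first filter on arrival
    for f in filters:
        alerts = f.process(alerts)
    return [(a, a.ready - a.arrival) for a in alerts]   # (alert, delay in s)

def sample_alerts():  # constructed input; 192.0.2.0/24 is a documentation range
    return [Alert(0, "192.0.2.5", "ssh-login-failed"), Alert(20, "192.0.2.5", "ssh-login-failed"),
            Alert(30, "192.0.2.9", "port-scan"), Alert(45, "192.0.2.5", "ssh-login-failed")]
```

Calling `run_chain([MergeDuplicates(60), EscalateRepeated(120)], sample_alerts())` yields two alerts, each reported 180 seconds after it arrived, even though the escalated burst was complete after 45 seconds.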


Notes

The project is no longer maintained. It has been replaced by the new, plug-in-based ACARM-ng.


See also

* ACARM-ng
* Intrusion detection system (IDS)
* Prelude Hybrid IDS
* BEEP

