> Sparks team > Home

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

public:fastmatch [2010/12/13 21:35] (current)
philippereneviergonin created
Line 1: Line 1:
 +
 +===== FastMatch =====
 +
 +date: 2006-2007 \\
 +type: europeen project - 6th FWP - 027095 \\
 +[[http://​cordis.europa.eu/​fetch?​CALLER=PROJ_ICT&​ACTION=D&​CAT=PROJ&​RCN=79310|FastMatch]]
 +
 +==== description of FastMatch ====
 +
 +The aim of this project was to propose a
 +layered and agent-oriented framework to enable delivery of multiple pattern-based and behaviorbased
 +scanning, filtering and detection functions at much higher speeds than realized by existing
 +intrusion detection systems. This framework had to be robust in the sense to constantly adapt
 +and react to changing security threats in the longer term. The proposed framework was divided in
 +three layers: a hardware layer where some scanning, filtering and detection functions have been
 +implemented in FPGAs; a management station layer were more sophisticated detection algorithms
 +have been deployed on PCs to detect known and unknown attacks occurring in one network and
 +learn unknown ones and finally a knowledge layer were a multi-agent system has been proposed to
 +detect collaboratively distributed attacks occurring in distributed networks and to manage incidents
 +occurring in these networks. ​
 +
 +==== Rainbow in FastMatch ====
 +
 +Our role in the project was to design the last layer i.e. the knowledge
 +layer and to propose a model for automatic generation of worm signatures.
 +
 +"​Collaborative attack detection and incident management in distributed networks"​
 +
 +==== Rainbow Publications through FastMatch ====
 +