2010/12/13
philippereneviergonin created
 +===== FastMatch =====
 +date: 2006-2007 \\
 +type: europeen project - 6th FWP - 027095 \\
 +==== description of FastMatch ====
 +The aim of this project was to propose a
 +layered and agent-oriented framework to enable delivery of multiple pattern-based and behaviorbased
 +scanning, filtering and detection functions at much higher speeds than realized by existing
 +intrusion detection systems. This framework had to be robust in the sense to constantly adapt
 +and react to changing security threats in the longer term. The proposed framework was divided in
 +three layers: a hardware layer where some scanning, filtering and detection functions have been
 +implemented in FPGAs; a management station layer were more sophisticated detection algorithms
 +have been deployed on PCs to detect known and unknown attacks occurring in one network and
 +learn unknown ones and finally a knowledge layer were a multi-agent system has been proposed to
 +detect collaboratively distributed attacks occurring in distributed networks and to manage incidents
 +occurring in these networks. ​
 +==== Rainbow in FastMatch ====
 +Our role in the project was to design the last layer i.e. the knowledge
 +layer and to propose a model for automatic generation of worm signatures.
 +"​Collaborative attack detection and incident management in distributed networks"​
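Review bot: The quoted title on the last added line, "Collaborative attack detection and incident management in distributed networks", is left dangling under "Rainbow in FastMatch" with nothing saying what it is; add a short label or turn it into a list item or link so it is tied to the sentence before it. The description paragraph also has wording slips to fix before this goes live: "europeen project" in the type line should read "European project", "behaviorbased" has lost its hyphen at a line break, and "were" is used for "where" in both "a management station layer were" and "a knowledge layer were". The date and type lines end in the forced line break "\\", which is fine, but the last one sits directly before a heading where it has no effect and can be dropped.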
