Documents published in this section
PIGA-IDS : Policy-Based Intrusion Detection System
PIGA, for Policy Based Intrusion Detection System, is the implementation of our intrusion detection model.
This IDS generates an interaction graph corresponding to the local policy. This graph is analyzed in order to compute the set of forbidden sequence of interaction by applying a set of detection rules. Next, for each interaction an audit bit is added in the local policy in order to generate traces. Finally, these traces are analyzed and alarms are generated when a forbidden sequence is detected.
PIGA is actually developed in Java and uses SELinux or Grsecurity policy. It allows to (...)
Read the whole article
MIDS : Multi-Level and Multi-Agent Intrusion Detection System
We develop a multi-agent and multi-level architecture to secure highly distributed and heterogeneous systems, based on an original security Meta-Policy approach. The resulting system guarantees global security properties with strong fault tolerance abilities. The architecture is divided into several levels, each of them contributing to the automation of the security management. This multi-agent based system provides the distributed management of access control, intrusion detection systems, security testing and the verification of security policies. The Meta-Policy paradigm enables local (...)
Read the whole article
Secured Remote Virtual Desktop
As a student project, we develop some applications that permit to build a secured remote desktop.
We mainly implement a PAM module (pam_jail) that is able to put a user in a jail when he connect. It’s a fully automatic process and it’s support Kerberos and NFSv4 authentication. It’s based on PAM library and XML configuration files.
During this project, some patch was also submit to Gentoo and FreeNX mainly. For the FreeNX project, we develop a new algorithm of load balancing based on available resources.
Finally, we develop some agents (Kerberos, OpenLDAP, NX and PaX) for the OSSIM (...)
Read the whole article