Projects / Intrusion Detection Exchange Architecture

Intrusion Detection Exchange Architecture

IDEA is an architecture for implementing a distributed intrusion detection system on a computer network. It provides a way to incorporate many different IDS sensors into an architecture, and have them report to a central IDS server. This server collects, aggregates, and correlates data from the sensors, providing a unified view of network activity. By specifying an open API, many different clients can connect to the IDEA server and "subscribe" to the event notification service so that the client will be notified any time a new alert is received from any of the sensors.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  10 Nov 2003 14:06

    Release Notes: Secure authentication from console to server was implemented via MD5 challenge/response. Interfaces to improve modularity were implemented. The Web application functionality was enhanced with links to CVE, BugTraq, and other information sources. IDEA now works with Snort 2.0. Minor bugfixes were made.

    •  24 Mar 2003 04:53

      Release Notes: Numerous internal changes/bugfixes/code cleanups, modularized code so that it should be much easier to write modules to work with the console and server, new observer interfaces for the AlertList, HotIPList, and SensorList (any Java class that implements the interface will receive notifications as to when there are changes made to the lists), initial IDEA server user-auth code, fixes to a bunch of the database code to make it more modular now, and segregating code for the Menu bar from the code for the console.

      •  23 Feb 2003 02:36

        Release Notes: Minor bugfixes and user enhancements, support for PostgreSQL databases, ease-of-use enhancements to the Web application, and security enhancements to the server.

        •  14 Feb 2003 05:38

          No changes have been submitted for this release.

          Screenshot

          Project Spotlight

          OpenStack4j

          A Fluent OpenStack client API for Java.

          Screenshot

          Project Spotlight

          TurnKey TWiki Appliance

          A TWiki appliance that is easy to use and lightweight.