Section: New Software and Platforms

Intrusion Detection and Privacy

Members of the team have developed several intrusion detectors and security tools: Blare implements our approach of illegal information flow detection at the OS level for a single node and a set of nodes; GNG is an intrusion detection system that correlates different sources (such as different logs) in order to identify attacks against the system. The attack scenarios are defined using the Attack Description Langage (ADeLe) proposed by our team; Netzob is an open-source tool for reverse engineering, traffic generation and fuzzing of communication protocols; a log visualization tool called ELVIS (Extensible Log VISualization) has been implemented in order to test our approches for log exploration.

In addition, the team participate to the development of GEPETO (GEoPrivacy-Enhancing TOolkit), an open source software for managing location data (in cooperation with the CNRS Lab. LAAS, Toulouse). GEPETO can be used to visualize, sanitize, perform inference attacks, and measure the utility of a particular geolocated dataset.

These tools are still under development in the team. Nevertheless, there are not new. For more details, please see previous activity reports.