Investigative Data Mining for Security and Criminal Detection

Abacus Project http://www.psionic.com/abacus A security initiative to produce a suite of tools to provide host-based security and intrusion detection.

Advanced Intrusion Detection Environment http://www.cs.tut.fi/~rammer/aide.html AIDE is a file integrity checker that supports regular expressions. Licensed with GPL.

IDSA http://jade.cs.uct.ac.za/idsa An experimental IDS and reference monitor designed to run at application level.

LIDS Project — Secure Linux System http://www.lids.org LIDS is an enhancement for the Linux kernel; it implements several security features that are not in the Linux kernel natively. Some of these include mandatory access controls (MAC), a port scan detector, file protection, and process protection.

myNetWatchman. com http://www.mynetwatchman.com Intrusion reporting and response services; users forward firewall logs that are aggregated and analyzed to identify incidents that are reported to the responsible party.

Pakemon IDS http://www.sfc.keio.ac.jp/~keiji/ids/pakemon/index.html A free network intrusion detection system for UNIX systems.

Panoptis http://panoptis.sourceforge.net Panoptis is a network IDS that detects and stops DoS/DDoS attacks.

Snort http://www.snort.org A free and very popular lightweight network intrusion detection system for UNIX and Windows.

The Osiris Scripts http://www.shmoo.com/osiris A tripwire-like utility that uses MD5 to check files for modifications,