Computer Security
Technical Committee

[switch to italian]


Tools
This section describes on-line demos, plugins, and tools that have been developed by the members of the technical committee, and that can be freely accessed and/or dowloaded. The goal is to stimulate the collaboration between different research groups and highlight the practical aspects of research work performed by TC members.

>> Prototypes
HMMPaylHMMPayl is an anomaly detector which implements a statistical analysis of TCP payloads to detect application layer attacks. This system has been developed by Davide Ariu (PRA group, University of Cagliari)
SuStorIDSuStorID is an advanced Intrusion Detection System (IDS) for web services, based on machine learning. Its name comes from the term "Su Stori", which in Sardinian language means "The Falcon". It's version is experimental, but demonstrates a number of interesting features, that can be readily exploited to detect and act against web attacks. This system has been developed by Igino Corona (PRA group, University of Cagliari)
HMM-WebHMM-Web is a research tool based on Hidden Markov Models, to the detection of attacks against web applications. This system is able to infer automatically the profile of legitimate queries towards web applications, given an enough large sample of access logs of the Apache web server. Then, it may detect web application attacks as anomalous input queries. This system has been developed by Igino Corona (PRA group, University of Cagliari).
McPADMcPAD is an anomaly detector which implements a statistical analysis of TCP payloads to the detection of shellcode attacks. This system has been developed by Roberto Perdisci (Computer Science Department, University of Georgia, USA) and Davide Ariu (PRA group, University of Cagliari).
>> Plugins
Bayes OCR PluginThis is a plugin for the Spamassassin spam filter. It allows to analyze text camouflaged inside attached images.This plugin has been developed by Ignazio Pillai and Daniele Muntoni (PRA group, University of Cagliari)
Image Cerberus PluginThis is a plugin for the Spamassassin spam filter. It can detect image spam, i.e., images that contain spam messages. This plugin has been developed by Ignazio Pillai and Battista Biggio (PRA group, University of Cagliari).
>> Demos
Image CerberusImage Cerberus is an spam filtering tool that allows to detect spam images inside email messages. As such, it can complement the text-based analysis of current spam filtering tools (e.g. Spamassassin).