Activity Not Available
I Use This!

Project Summary

Analyzed 5 months ago. based on code collected 5 months ago.

DILCA is a distributed logical correlation and reaction architecture featuring collection and correlation of IDMEF formatted log events (Intrusion Detection Message Exchange Format - RFC 4765) through a multi-step signature based system.
ILCE (IDMEF Logical Correlation Engine) is the core of the architecture, which parses logs on the fly and generates reaction events on previously created policies (builted into multi-step signature system).
Therefore these reaction events are sent to each DILCA Manager node, and forwarded to the right target Agent handled by that node (DILCA Agent/Plugin).
Every Agent/Plugin sends local IDMEF logs to the corresponding DILCA manager and receives reaction events from it.
IDXP (Intrusion Detection Exchance Protocol - RFC 4767) is the standard protocol used during IDMEF,Signatures and Reactions exchanges.

News about the Project: News Page
For further information:


In a Nutshell, dilca...


30 Day Summary

Apr 9 2016 — May 9 2016

12 Month Summary

May 9 2015 — May 9 2016



Be the first to rate this project
Click to add your rating
   Spinner f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
Review this Project!