Analysis Console for Intrusion Databases


The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of security events generated by various IDSes, firewalls, and network monitoring tools. The features currently include:

ACID has the ability to analyze a wide variety of events which are post-processed into its database. Tools exist for the following formats:

This web page contains the latest information about the ACID application development status. It should be noted that ACID is the result of ongoing work at the CERT Coordination Center for the AIRCERT project. We encourage you to visit the AIRCERT website for more information on how you can benefit from participating in the prototype.

Documentation (applicable to v0.9.5 and later)

Download
Version    Date        Description                         Download (MD5)
0.9.6b23   01/08/2003  RECOMMENDED: year 2003 fixes        acid-0.9.6b23.tar.gz (d8c49614393fa05ac140de349f57e438)
0.9.6b22   10/09/2002  new charts and alert action         acid-0.9.6b22.tar.gz (3624a0d7272223386a5971ef55f947fd)
0.9.6b21   03/03/2002  PostgreSQL 7.2 support, CSV export  acid-0.9.6b21.tar.gz (a0e2ccfa072dc96832dc54cb3c834d82)
older versions

Dependencies: PHP; ADODB; PHPlot or JPGraph libraries


Please direct any feedback to the acidlab-users mailing list, or contact the author directly.