IDCAS

Intrusion Detection and Counter Attack System (IDCAS) is an open source tool developed for use during Capture The Flag (CTF) Attack/Defense cybersecurity competitions. It provides both full-system and single-service monitoring, looking for incoming malicious HTTP requests. During such competitions, while you try to steal the other participants' secret information to score points, they will try to hack your system and steal yours. IDCAS detects when your system has been compromised and, since blocking the attack is prohibited under CTF rules, it instead replays the same malicious request to all the other teams.

IDCAS leverages eBPF and XDP, monitoring the system from the bottom (packet ingress) up to the application.

For more information, please visit the project website.

Simone Magnani
PhD Student

A PhD student focused on the relationship between, and the performance of, the underlying network traffic monitoring (feature-gathering) process and AI/ML-based detection engines.
