...
Without intrusion detection, an attacker can attempt attacks many times until an attack is finally successful. Intrusion detection allows for these attacks to be identified before a successful attack is likely to occur. The purpose of this project is to add the ability to detect attacks using Elytron, the security framework used by the WildFly Application Server. In particular, Elytron already provides support for security events which can indicate things like a failed authentication attempt for a particular user. Can we leverage these events to detect things like multiple failed authentication attempts for a particular user? Once detected, what kind of action can we take (e.g., a server administrator could be notified, an account could be disabled, etc.)?
...