This document describes the first version of the monitoring software package that enables the supervision of CLARUS client operations during runtime to detect errors, malicious behaviours and attacks.

It presents an overview of the methodology (risk based monitoring) to adapt a Montimage Monitoring Tool (MMT) tool to the CLARUS platform, together with a detailed description of the security monitoring performed by the adapted MMT.

For now, and since no real trace is captured yet from the CLARUS proxy that is under implementation in WP5, the first version of the monitoring has been developed and tested with classical attacks (IP-based attacks). More adaptations are planned in the second version to include several attack examples that are presented in this document.