question about anomalies detection
faisal99_at_inf.its-sby.edu
Date: 09/01/04
- Previous message: Stefan Keller: "Re: session logging IDS"
- Next in thread: Omar Herrera: "Re: question about anomalies detection"
- Maybe reply: Omar Herrera: "Re: question about anomalies detection"
- Reply: Srinivasa Rao Addepalli: "Re: question about anomalies detection"
- Reply: Raj Malhotra: "Re: question about anomalies detection"
- Reply: Jose Maria Lopez: "Re: question about anomalies detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 1 Sep 2004 14:31:41 +0700 (WIT) To: focus-ids@securityfocus.com
Hai everyone,
sory if my question seems to be dummy question,
but I need several thing to know about anomalies detection for my college
assignment. Below are something to answer(if you don't mind)
1. To train the anomalies detection system, we must train the application
with the normal profile. My question is how we get the normal profile, are
they built by ourself or we try to get from our network dump data to be
set as normal profile or we use the prebuild data on the net(like the data
on the Lincoln Lab Data?)
2. Is there any paper about SPADE(Snort Plugin), I've googling for
sometimes but never found one.
thnkyou, for the attention.
regards
Nafis Faisal
- Previous message: Stefan Keller: "Re: session logging IDS"
- Next in thread: Omar Herrera: "Re: question about anomalies detection"
- Maybe reply: Omar Herrera: "Re: question about anomalies detection"
- Reply: Srinivasa Rao Addepalli: "Re: question about anomalies detection"
- Reply: Raj Malhotra: "Re: question about anomalies detection"
- Reply: Jose Maria Lopez: "Re: question about anomalies detection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
