normal behaviour definition
From: Nakul Aggarwal (nakula_at_gmail.com)
Date: 10/06/05
- Previous message: barcajax_at_gmail.com: "Re: detecting "intrusion detection""
- Next in thread: Sanjay Rawat: "Re: normal behaviour definition"
- Maybe reply: Nakul Aggarwal: "Re: normal behaviour definition"
- Maybe reply: Sanjay Rawat: "Re: normal behaviour definition"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 6 Oct 2005 11:41:45 +0530 To: focus-ids@securityfocus.com
Hi everyone,
I am working on a project of behavioral anomaly detection. In some of
the papers I read, authors talk about the difficulty of accurate
definition of "normal" behavior but after that they either use
standard data sets(MIT ones or KDD) or just say "first normal behavior
was learnt and and then evaluations are performed."
But how normal behavior was defined/learnt, that no-one tells. Can
someone throw some light on this?
Thanking You
regards
Nakul Aggarwal
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
- Previous message: barcajax_at_gmail.com: "Re: detecting "intrusion detection""
- Next in thread: Sanjay Rawat: "Re: normal behaviour definition"
- Maybe reply: Nakul Aggarwal: "Re: normal behaviour definition"
- Maybe reply: Sanjay Rawat: "Re: normal behaviour definition"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
