Re: Human-oriented IDS, new Paper+Tool

From: Steffen Wendzel <cdp_xe@xxxxxxx>
Date: Tue, 6 Dec 2005 23:33:24 +0100

: How is it different from other (system level) behavior anomaly
: detection systems ?

Oh, now i now, what went wrong. I uploaded the old fupids1 code (a kernel-
patch for OpenBSD). I am so stupid: I used the wrong directory as parameter
for the tar command... Now the tgz-file contains the correct directory.

and the difference is the seat-, room-using behavior and so on. but
it is a kind of anomaly detection. thats correct.

what a blame...

best regards
Steffen

On Tue, 6 Dec 2005 13:32:34 +0530 Nakul Aggarwal <nakula@xxxxxxxxx> wrote:

: How is it different from other (system level) behavior anomaly
: detection systems ?
:
: On 12/4/05, Steffen Wendzel <cdp_xe@xxxxxxx> wrote:
: > Hi,
: >
: > i wrote a new paper about a kind of IDS i call 'Human oriented
: > IDS' which uses detected differences in users behavior to detect
: > accounts overtaken by attackers.
: >
: > You can find the paper and the beta-version of the tool i call
: > fupids2 at http://cdp.doomed-reality.org/fupids2/
: >
: > Steffen
: >
: > --
: > cdp.doomed-reality.org
: >
: > ------------------------------------------------------------------------
: > Test Your IDS
: >
: > Is your IDS deployed correctly?
: > Find out quickly and easily by testing it
: > with real-world attacks from CORE IMPACT.
: > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
: > to learn more.
: > ------------------------------------------------------------------------
: >
: >
:
:
: --
: regards
: Nakul Aggarwal
:

--
cdp.doomed-reality.org

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------

References:
- Human-oriented IDS, new Paper+Tool
  - From: Steffen Wendzel
- Re: Human-oriented IDS, new Paper+Tool
  - From: Nakul Aggarwal

Prev by Date: Re: IM & P2P packets
Next by Date: Re: on TASL correlation rules
Previous by thread: Re: Human-oriented IDS, new Paper+Tool
Next by thread: Re: Human-oriented IDS, new Paper+Tool
Index(es):
- Date
- Thread

Relevant Pages

Re: Human-oriented IDS, new Paper+Tool
... How is it different from other (system level) behavior anomaly ... > IDS' which uses detected differences in users behavior to detect ... > with real-world attacks from CORE IMPACT. ...
(Focus-IDS)
RE: Working with/Setting up IDS (Papers)
... For those interested in setting up IDS/learning more about IDS, ... The Role of Intrusion Detection Systems" ... These papers should greatly assist many people on the list, ...
(Focus-IDS)
RE: Distributed intrusion detection systems
... Subject: Distributed intrusion detection systems ... I'm looking for the examples of distributed intrusion ... IDS in comparison with multiple usual intrusion detection ...
(Focus-IDS)