Re: Human-oriented IDS, new Paper+Tool



: How is it different from other (system level) behavior anomaly
: detection systems ?

Oh, now I know what went wrong. I uploaded the old fupids1 code (a
kernel-patch for OpenBSD). I am so stupid: I used the wrong directory as parameter
for the tar command... Now the tgz-file contains the correct directory.

And the difference is the seat-, room-using behavior and so on. But
it is a kind of anomaly detection. That's correct.

what a blame...

best regards
Steffen

On Tue, 6 Dec 2005 13:32:34 +0530 Nakul Aggarwal <nakula@xxxxxxxxx> wrote:

: How is it different from other (system level) behavior anomaly
: detection systems ?
:
: On 12/4/05, Steffen Wendzel <cdp_xe@xxxxxxx> wrote:
: > Hi,
: >
: > I wrote a new paper about a kind of IDS I call 'Human oriented
: > IDS' which uses detected differences in users' behavior to detect
: > accounts overtaken by attackers.
: >
: > You can find the paper and the beta-version of the tool I call
: > fupids2 at http://cdp.doomed-reality.org/fupids2/
: >
: > Steffen
: >
: > --
: > cdp.doomed-reality.org
: >
:
:
: --
: regards
: Nakul Aggarwal
:


--
cdp.doomed-reality.org