It uses only human-oriented data. And some of this data-sources are new: seat-using behavior, room-using behavior, favorite buildings. and some are already implemented in other IDS or in my old IDS like the program-using behavior or the time-dependend calculation of the attacker level.
On Tue, 6 Dec 2005 13:32:34 +0530 Nakul Aggarwal <[EMAIL PROTECTED]> wrote: > How is it different from other (system level) behavior anomaly > detection systems ? > > On 12/4/05, Steffen Wendzel <[EMAIL PROTECTED]> wrote: > > Hi, > > > > i wrote a new paper about a kind of IDS i call 'Human oriented > > IDS' which uses detected differences in users behavior to detect > > accounts overtaken by attackers. > > > > You can find the paper and the beta-version of the tool i call > > fupids2 at http://cdp.doomed-reality.org/fupids2/ > > > > Steffen > > > > -- > > cdp.doomed-reality.org > > > > ------------------------------------------------------------------------ > > Test Your IDS > > > > Is your IDS deployed correctly? > > Find out quickly and easily by testing it > > with real-world attacks from CORE IMPACT. > > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > > to learn more. > > ------------------------------------------------------------------------ > > > > > > > -- > regards > Nakul Aggarwal > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
