In terms of complexity/size helping security, there may be
additional categories:
1. Anomaly detection might be part of a broader category of
knowledge-based approaches that work better at large scale. For
instance, expert systems to detect credit card fraud or identity theft
detection tend to work better as the amount of data increases.
2. A more controversial improvement with scale comes from
"data mining," however folks want to define that. It's a long
debate about when data mining works or is just marketing hype for
putting more hay on the haystack. But more data gives the
possibility of more knowledge.
3. The open source approach to security believes that having
many eyes on a vulnerability increases the likelihood of detecting and
then creating a patch for the vulnerability. So security may
improve when there are many eyes looking at vulnerabilities.
(This last point suggests that a Full Disclosure list, for instance,
might improve security as the size of the system increases.)
Peter
Prof. Peter Swire
C. William O'Neill Professor of Law
Moritz College of Law of the
Ohio State University
Senior Fellow, Center for American Progress
(240) 994-4142, www.peterswire.net
Prof. Peter Swire
C. William O'Neill Professor of Law
Moritz College of Law of the
Ohio State University
Senior Fellow, Center for American Progress
(240) 994-4142, www.peterswire.net
-------- Original Message --------
Subject: Re: [Full-disclosure] emergent security properties
From: Roland Dobbins <[EMAIL PROTECTED]>
Date: Tue, December 26, 2006 8:32 pm
To: [email protected]
On Dec 26, 2006, at 4:19 PM, coderman wrote:
> the only example that comes to mind is distributed / collaborative
> anomaly detection systems which become more robust with a larger
> number of entities and interactions to observe.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
