IDS mailing list archives

Re: Specification-based Anomaly Detection


From: Stefano Zanero <zanero () elet polimi it>
Date: Thu, 13 Jan 2005 21:14:19 +0100

Kohlenberg, Toby wrote:

> > - and that anomaly detection (in particular techniques which are not rate-based) is a relative "newcomer" in the COMMERCIAL field of intrusion detection, where most of the products are built on a misuse detection approach.
>
> Really? What would you call CMDS? Which was a commercial system that
> used anomaly detection by building user profiles and was available from
> ODS in the mid-90s?

My omission here: I meant NETWORK intrusion detection, as we were talking about NIDS in those posts. Commercial anomaly detection systems exist.

--
Best regards,
Stefano Zanero
Dottorando di Ricerca / Ph.D. Student

Politecnico di Milano - Dip. Elettronica e Informazione
Via Ponzio, 34/5 I-20133 Milano - ITALY
Tel.    +39 02 2399-3660
Fax.    +39 02 2399-3411
E-mail: zanero () elet polimi it
Web:    www.elet.polimi.it/upload/zanero
