Network software aimed at recognizing hackers' habits

    Date21 Jan 2003
    3943
    Posted ByAnthony Pell
    The system - a prototype is likely to be ready for intensive testing this summer - could provide a high-grade layer of protection for military installations and government agencies as well as banking or other commercial networks that require especially tight . . . The system - a prototype is likely to be ready for intensive testing this summer - could provide a high-grade layer of protection for military installations and government agencies as well as banking or other commercial networks that require especially tight monitoring. The "user-level anomaly detection" software draws up regularly updated profiles by closely tracking over time how each person performs an array of routine tasks, such as opening files, sending e-mail or searching archives.

    Designed to tell if someone has strayed into an unauthorized zone or is masquerading as an employee using a stolen password, the program keeps watch for even subtle deviations in behavior. Alerted to anomalies, network administrators then begin monitoring more aggressively to assess whether pilferage is in progress.

    You are not authorised to post comments.

    ccommentViewComments Object ( [document] => [_name:protected] => comments [_models:protected] => Array ( ) [_basePath:protected] => /var/www/www.linuxsecurity.com-443/html/components/com_comment [_defaultModel:protected] => [_layout:protected] => default [_layoutExt:protected] => php [_layoutTemplate:protected] => _ [_path:protected] => Array ( [template] => Array ( [0] => /var/www/www.linuxsecurity.com-443/html/templates/shaperhelix_child/html/com_comment/templates/default/ [1] => /var/www/www.linuxsecurity.com-443/html/components/com_comment/templates/default/ [2] => /var/www/www.linuxsecurity.com-443/html/templates/shaperhelix_child/html/com_content/comments/ [3] => /var/www/www.linuxsecurity.com-443/html/components/com_comment/views/comments/tmpl/ ) [helper] => Array ( [0] => /var/www/www.linuxsecurity.com-443/html/components/com_comment/helpers/ ) ) [_template:protected] => /var/www/www.linuxsecurity.com-443/html/components/com_comment/templates/default/default_menu.php [_output:protected] => [_escape:protected] => htmlspecialchars [_charset:protected] => UTF-8 [_errors:protected] => Array ( ) [baseurl] => [plugin] => CcommentComponentContentPlugin Object ( [row] => stdClass Object ( [id] => 113288 [asset_id] => 10045 [title] => Network software aimed at recognizing hackers' habits [alias] => network-software-aimed-at-recognizing-hackers-habits [introtext] => The system - a prototype is likely to be ready for intensive testing this summer - could provide a high-grade layer of protection for military installations and government agencies as well as banking or other commercial networks that require especially tight . . . [fulltext] => The system - a prototype is likely to be ready for intensive testing this summer - could provide a high-grade layer of protection for military installations and government agencies as well as banking or other commercial networks that require especially tight monitoring. The "user-level anomaly detection" software draws up regularly updated profiles by closely tracking over time how each person performs an array of routine tasks, such as opening files, sending e-mail or searching archives.

    Designed to tell if someone has strayed into an unauthorized zone or is masquerading as an employee using a stolen password, the program keeps watch for even subtle deviations in behavior. Alerted to anomalies, network administrators then begin monitoring more aggressively to assess whether pilferage is in progress. [state] => 1 [catid] => 75 [created] => 2003-01-21 06:43:00 [created_by] => 6937 [created_by_alias] => Anthony Pell [modified] => 2015-11-30 06:38:50 [modified_by] => 62 [checked_out] => 0 [checked_out_time] => 0000-00-00 00:00:00 [publish_up] => 0000-00-00 00:00:00 [publish_down] => 0000-00-00 00:00:00 [images] => [urls] => {"urla":"http://www.islandpacket.com/24hour/technology/story/726994p-5316010c.html","urlatext":"Island Packet Online","targeta":"1","urlb":false,"urlbtext":"","targetb":"","urlc":false,"urlctext":"","targetc":""} [attribs] => {"show_parent_category":"","link_parent_category":"","show_author":"","link_author":"","show_publish_date":"","show_item_navigation":"","show_print_icons":"","show_icons":"","show_hits":"","show_noauth":"","alternative_readmore":"","article_layout":"","show_publishing_options":"","show_article_options":"","show_urls_images_backend":"","show_urls_images_frontend":"","list_show_hits":"","list_show_author":"","show_readmore":""} [version] => 1 [ordering] => 862 [metakey] => network, software, aimed, recognizing, hackers, habits [metadesc] => [access] => 1 [hits] => 3943 [metadata] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( ) [initialized:protected] => [separator] => . ) [featured] => 0 [language] => * [xreference] => [category_title] => Intrusion Detection [category_alias] => intrusion-detection [category_access] => 1 [author] => Anthony Pell [parent_title] => NEWS [parent_id] => 179 [parent_route] => news [parent_alias] => news [rating] => [rating_count] => [params] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [article_layout] => _:default [show_title] => 1 [link_titles] => 1 [show_intro] => 1 [info_block_position] => 0 [info_block_show_title] => 1 [show_category] => 1 [link_category] => 1 [show_parent_category] => 0 [link_parent_category] => 0 [show_associations] => 0 [flags] => 1 [show_author] => 1 [link_author] => 0 [show_create_date] => 0 [show_modify_date] => 0 [show_publish_date] => 1 [show_item_navigation] => 1 [show_vote] => 0 [show_readmore] => 1 [show_readmore_title] => 1 [readmore_limit] => 100 [show_tags] => 1 [show_icons] => 1 [show_print_icon] => 1 [show_email_icon] => 0 [show_hits] => 1 [show_noauth] => 0 [urls_position] => 0 [captcha] => [show_publishing_options] => 1 [show_article_options] => 1 [save_history] => 1 [history_limit] => 10 [show_urls_images_frontend] => 0 [show_urls_images_backend] => 1 [targeta] => 0 [targetb] => 0 [targetc] => 0 [float_intro] => left [float_fulltext] => left [category_layout] => _:blog [show_category_heading_title_text] => 1 [show_category_title] => 0 [show_description] => 0 [show_description_image] => 0 [maxLevel] => 1 [show_empty_categories] => 0 [show_no_articles] => 1 [show_subcat_desc] => 1 [show_cat_num_articles] => 0 [show_cat_tags] => 1 [show_base_description] => 1 [maxLevelcat] => -1 [show_empty_categories_cat] => 0 [show_subcat_desc_cat] => 1 [show_cat_num_articles_cat] => 1 [num_leading_articles] => 0 [num_intro_articles] => 5 [num_columns] => 1 [num_links] => 4 [multi_column_order] => 0 [show_subcategory_content] => 0 [show_pagination_limit] => 1 [filter_field] => hide [show_headings] => 1 [list_show_date] => 0 [date_format] => [list_show_hits] => 1 [list_show_author] => 1 [orderby_pri] => alpha [orderby_sec] => rdate [order_date] => created [show_pagination] => 2 [show_pagination_results] => 1 [show_featured] => show [show_feed_link] => 1 [feed_summary] => 0 [feed_show_readmore] => 0 [sef_advanced] => 1 [sef_ids] => 1 [custom_fields_enable] => 0 [show_page_heading] => 0 [layout_type] => blog [menu_text] => 1 [menu_show] => 1 [secure] => 0 [menulayout] => {"width":600,"menuItem":1,"menuAlign":"right","layout":[{"type":"row","attr":[{"type":"column","colGrid":12,"menuParentId":"107","moduleId":""}]}]} [megamenu] => 0 [showmenutitle] => 1 [enable_page_title] => 0 [page_title] => News [page_description] => LinuxSecurity.com is the community's central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals. [page_rights] => [robots] => [access-view] => 1 ) [initialized:protected] => 1 [separator] => . ) [tagLayout] => Joomla\CMS\Layout\FileLayout Object ( [layoutId:protected] => joomla.content.tags [basePath:protected] => [fullPath:protected] => [includePaths:protected] => Array ( ) [options:protected] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [component] => com_content [client] => 0 ) [initialized:protected] => [separator] => . ) [data:protected] => Array ( ) [debugMessages:protected] => Array ( ) ) [slug] => 113288:network-software-aimed-at-recognizing-hackers-habits [catslug] => 75:intrusion-detection [parent_slug] => 179:news [readmore_link] => /news/intrusion-detection/network-software-aimed-at-recognizing-hackers-habits [text] => The system - a prototype is likely to be ready for intensive testing this summer - could provide a high-grade layer of protection for military installations and government agencies as well as banking or other commercial networks that require especially tight . . . The system - a prototype is likely to be ready for intensive testing this summer - could provide a high-grade layer of protection for military installations and government agencies as well as banking or other commercial networks that require especially tight monitoring. The "user-level anomaly detection" software draws up regularly updated profiles by closely tracking over time how each person performs an array of routine tasks, such as opening files, sending e-mail or searching archives.

    Designed to tell if someone has strayed into an unauthorized zone or is masquerading as an employee using a stolen password, the program keeps watch for even subtle deviations in behavior. Alerted to anomalies, network administrators then begin monitoring more aggressively to assess whether pilferage is in progress. [tags] => Joomla\CMS\Helper\TagsHelper Object ( [tagsChanged:protected] => [replaceTags:protected] => [typeAlias] => [itemTags] => Array ( ) ) [jcfields] => Array ( ) [event] => stdClass Object ( [afterDisplayTitle] => [beforeDisplayContent] => ) [prev] => /news/intrusion-detection/intrusion-detection-with-debian-gnulinux [next] => /news/intrusion-detection/open-source-honeypots-learning-with-honeyd [prev_label] => Prev [next_label] => Next [pagination] =>

    [paginationposition] => 1 [paginationrelative] => 0 ) [params] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [article_layout] => _:default [show_title] => 1 [link_titles] => 1 [show_intro] => 1 [info_block_position] => 0 [info_block_show_title] => 1 [show_category] => 1 [link_category] => 1 [show_parent_category] => 0 [link_parent_category] => 0 [show_associations] => 0 [flags] => 1 [show_author] => 1 [link_author] => 0 [show_create_date] => 0 [show_modify_date] => 0 [show_publish_date] => 1 [show_item_navigation] => 1 [show_vote] => 0 [show_readmore] => 1 [show_readmore_title] => 1 [readmore_limit] => 100 [show_tags] => 1 [show_icons] => 1 [show_print_icon] => 1 [show_email_icon] => 0 [show_hits] => 1 [show_noauth] => 0 [urls_position] => 0 [captcha] => [show_publishing_options] => 1 [show_article_options] => 1 [save_history] => 1 [history_limit] => 10 [show_urls_images_frontend] => 0 [show_urls_images_backend] => 1 [targeta] => 0 [targetb] => 0 [targetc] => 0 [float_intro] => left [float_fulltext] => left [category_layout] => _:blog [show_category_heading_title_text] => 1 [show_category_title] => 0 [show_description] => 0 [show_description_image] => 0 [maxLevel] => 1 [show_empty_categories] => 0 [show_no_articles] => 1 [show_subcat_desc] => 1 [show_cat_num_articles] => 0 [show_cat_tags] => 1 [show_base_description] => 1 [maxLevelcat] => -1 [show_empty_categories_cat] => 0 [show_subcat_desc_cat] => 1 [show_cat_num_articles_cat] => 1 [num_leading_articles] => 0 [num_intro_articles] => 5 [num_columns] => 1 [num_links] => 4 [multi_column_order] => 0 [show_subcategory_content] => 0 [show_pagination_limit] => 1 [filter_field] => hide [show_headings] => 1 [list_show_date] => 0 [date_format] => [list_show_hits] => 1 [list_show_author] => 1 [orderby_pri] => alpha [orderby_sec] => rdate [order_date] => created [show_pagination] => 2 [show_pagination_results] => 1 [show_featured] => show [show_feed_link] => 1 [feed_summary] => 0 [feed_show_readmore] => 0 [sef_advanced] => 1 [sef_ids] => 1 [custom_fields_enable] => 0 [show_page_heading] => 0 [layout_type] => blog [menu_text] => 1 [menu_show] => 1 [secure] => 0 [menulayout] => {"width":600,"menuItem":1,"menuAlign":"right","layout":[{"type":"row","attr":[{"type":"column","colGrid":12,"menuParentId":"107","moduleId":""}]}]} [megamenu] => 0 [showmenutitle] => 1 [enable_page_title] => 0 [page_title] => News [page_description] => LinuxSecurity.com is the community's central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals. [page_rights] => [robots] => [access-view] => 1 ) [initialized:protected] => 1 [separator] => . ) ) [config] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( [basic] => stdClass Object ( [include_categories] => 1 [categories] => Array ( [0] => 179 [1] => 171 [2] => 84 [3] => 83 [4] => 82 [5] => 81 [6] => 80 [7] => 79 [8] => 78 [9] => 77 [10] => 76 [11] => 75 [12] => 74 [13] => 73 [14] => 72 [15] => 69 [16] => 67 [17] => 178 [18] => 181 [19] => 87 [20] => 89 [21] => 91 [22] => 98 [23] => 99 [24] => 100 [25] => 172 [26] => 197 [27] => 198 [28] => 199 [29] => 200 [30] => 182 [31] => 159 [32] => 102 [33] => 183 [34] => 157 [35] => 156 [36] => 184 [37] => 107 [38] => 106 [39] => 105 [40] => 104 [41] => 103 [42] => 185 [43] => 186 [44] => 108 [45] => 187 [46] => 160 [47] => 166 [48] => 169 [49] => 161 [50] => 167 [51] => 162 [52] => 163 [53] => 188 [54] => 170 [55] => 189 [56] => 196 ) [exclude_content_items] => Array ( ) [disable_additional_comments] => Array ( ) ) [security] => stdClass Object ( [authorised_users] => Array ( [0] => 6 [1] => 7 [2] => 2 [3] => 3 [4] => 4 [5] => 5 [6] => 8 ) [auto_publish] => 1 [notify_moderators] => 0 [moderators] => Array ( [0] => 8 ) [captcha] => 1 [captcha_type] => default [maxlength_text] => 30000 ) [layout] => stdClass Object ( [tree] => 1 [sort] => 0 [comments_per_page] => 10 [support_ubb] => 1 [support_pictures] => 0 [pictures_maxwidth] => 200 [voting_visible] => 1 [date_format] => age [show_readon] => 1 [menu_readon] => 0 [intro_only] => 0 [emoticon_pack] => modern ) [template] => stdClass Object ( [template] => default ) [template_params] => stdClass Object ( [emulate_bootstrap] => 1 [minify_scripts] => 0 [notify_users] => 1 [pagination_position] => 0 [form_position] => 1 [form_avatar] => 1 [form_ubb] => 1 [required_user] => 1 [required_email] => 1 [show_rss] => 1 [show_search] => 1 [preview_visible] => 1 [preview_length] => 80 [preview_lines] => 10 ) [integrations] => stdClass Object ( [gravatar] => 1 [support_profiles] => 0 ) [global] => stdClass Object ( [censorship_word_list] => Array ( ) ) ) [initialized:protected] => 1 [separator] => . [id] => 1 [component] => com_content ) [count] => 0 [contentId] => 113288 [component] => com_content [allowedToPost] => [discussionClosed] => [emoticons] => Array ( [:angry:] => /media/com_comment/emoticons/modern/images/Angry.gif [:angry-red:] => /media/com_comment/emoticons/modern/images/Angry-Red.gif [:evil:] => /media/com_comment/emoticons/modern/images/Evil-Toothy.gif [:idea:] => /media/com_comment/emoticons/modern/images/Idea.gif [:love:] => /media/com_comment/emoticons/modern/images/Love.gif [:x] => /media/com_comment/emoticons/modern/images/Mad.gif [:no-comments:] => /media/com_comment/emoticons/modern/images/No-Comments.gif [:ooo:] => /media/com_comment/emoticons/modern/images/Oooo.gif [:pirate:] => /media/com_comment/emoticons/modern/images/Pirate.gif [:?:] => /media/com_comment/emoticons/modern/images/Question.gif [:(] => /media/com_comment/emoticons/modern/images/Sad.gif [:sleep:] => /media/com_comment/emoticons/modern/images/Sleeping.gif [:)] => /media/com_comment/emoticons/modern/images/Smile.gif [,)] => /media/com_comment/emoticons/modern/images/Wink.gif [,))] => /media/com_comment/emoticons/modern/images/Wink-2.gif [:0] => /media/com_comment/emoticons/modern/images/Wooo.gif ) [customfieldsForm] => Joomla\CMS\Form\Form Object ( [data:protected] => Joomla\Registry\Registry Object ( [data:protected] => stdClass Object ( ) [initialized:protected] => [separator] => . ) [errors:protected] => Array ( ) [name:protected] => customfields [options:protected] => Array ( [control] => jform ) [xml:protected] => SimpleXMLElement Object ( [fields] => SimpleXMLElement Object ( [@attributes] => Array ( [name] => customfields ) ) ) [repeat] => ) )

    Comments powered by CComment

    LinuxSecurity Poll

    Have you used our RSS feeds?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    21
    radio
    [{"id":"77","title":"Yes, for articles","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"78","title":"Yes, for advisories","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"79","title":"Hybrid that contains both","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"80","title":"No","votes":"0","type":"x","order":"4","pct":0,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.