[629] in Intrusion Detection Systems
Re: Question. (Was re:hacker's intro)
daemon@ATHENA.MIT.EDU (giorgos adamopoulos)
Fri Feb 23 01:56:14 1996
From: giorgos adamopoulos <el90118@central.ntua.gr>
To: ids@uow.edu.au
Date: Wed, 21 Feb 1996 21:56:39 +0200 (EET)
In-Reply-To: <199602210347.WAA21949@uther.cs.purdue.edu> from "Gene Spafford" at
Feb 20, 96 10:47:34 pm
Reply-To: ids@uow.edu.au
> let that happen to this list too? Can we please go back to intrusion
> detection as a topic?
OK,
Here is a question for the group:
Would you like to have a Prolog-like based rule system that would do
intrusion detection? I think CLIPS could be a choice if one would
like to implement such a system. (This is just asking your opinion on
the Prolog style of programming).
> For instance, let's get back to the fact that more than 75% of system
> abuses in typical commercial environments comes from insiders. Is
> anyone looking at what is different about these insiders that can be
> detected or monitored?
It is my understanding that most of them in the 75% are either bribed or
getting revenge, so what can you do?
--
giorgos adamopoulos (el90118@central.ntua.gr)