Intrusion Detection Systems mailing list archives

RE: IDS


From: ajcblyth () glam ac uk (Comp)
Date: Fri, 12 Nov 1999 10:00:19 -0000



Greetings,

How can I detect UNKNOWN attacks if they are unknown ???

Well, if you log all data then you can apply various techniques to it and
see what falls out.  In the elimination of noise from an audio environment,
one particularly useful technique is to isolate the ambient, background
noise and to remove that from the signal presented to the recording or
amplifying system. This presents a notion for the approach of using
normalisation on the hostile network traffic: we isolate the non-ambient
hostile traffic by removing the traffic that is visible in 'the background'.

Regards

Andrew.
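
The background-subtraction idea in the message above, sketched as an added example that is not part of the original post: an ambient profile is learned from logged flows and subtracted from a later window, so only traffic above the background remains for review. The flow tuple layout, the per-window mean as the "ambient" level, the `margin` factor and the sample records are assumptions made for illustration.

```python
from collections import Counter

def flow_key(rec):
    """Reduce a logged flow (src, dst, proto, dport) to the profiled feature."""
    _src, dst, proto, dport = rec
    return (dst, proto, dport)

def ambient_profile(baseline_windows):
    """Mean per-window count of each flow key over the baseline windows."""
    if not baseline_windows:
        raise ValueError("need at least one baseline window")
    totals = Counter()
    for window in baseline_windows:
        totals.update(flow_key(r) for r in window)
    return {k: c / len(baseline_windows) for k, c in totals.items()}

def residual(window, profile, margin=2.0):
    """Subtract the ambient level from an observed window.

    Returns {key: excess} for keys whose count exceeds margin * ambient mean.
    Keys never seen in the baseline have an ambient mean of 0, so they
    always remain in the residual.
    """
    observed = Counter(flow_key(r) for r in window)
    out = {}
    for key, count in observed.items():
        ambient = profile.get(key, 0.0)
        if count > margin * ambient:
            out[key] = count - ambient
    return out

# Constructed sample data (documentation address ranges), one list per hour.
WEB = ("198.51.100.7", "192.0.2.10", "tcp", 80)
DNS = ("198.51.100.8", "192.0.2.53", "udp", 53)
NEW = ("203.0.113.5", "192.0.2.10", "tcp", 23)   # service absent from baseline
BASELINE = [[WEB] * 40 + [DNS] * 20,
            [WEB] * 36 + [DNS] * 24,
            [WEB] * 44 + [DNS] * 16]
OBSERVED = [WEB] * 42 + [DNS] * 90 + [NEW] * 3

def demo():
    """Residual of the observed hour after removing the ambient traffic."""
    return residual(OBSERVED, ambient_profile(BASELINE))

if __name__ == "__main__":
    for key, excess in sorted(demo().items(), key=lambda kv: -kv[1]):
        print(key, round(excess, 1))
```

The residual is only as good as the baseline: anything hostile that was already present while the profile was collected is treated as background and removed with it.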


