Detecting Hackers By Monitoring User Commands

from the user-level-anomaly-detection dept

Some researchers are working on new hacker detection software that will work by recording how legitimate users normally use their computers, and then alerting security if something out of the ordinary is happening. Of course, there have been similar attempts to do this sort of thing, though usually based on network traffic, and not user commands. The problem with almost all of these, though, are the number of false-positives, which let the real attacks slip through. People don't always use their computers in the same way, and are going to do something different every once in a while. However, the researchers say they've improved the quality this time, so that only about 6% of the security alerts are false positives.

Add Your Comment

Have a Techdirt Account? Sign in now.
Name
Email	Get Techdirt’s Daily Email
URL
Subject
Comment	this is for spambots, do not use this
Options	Plain Text HTML
	Save me a cookie

Plain Text: A CRLF will be replaced by break tag, all other allowable HTML is intact
HTML: No formatting of any kind is done without explicitly being written in
Allowed HTML Tags: <a> <blockquote> <hr> <tt>

<< Out Of Context And Made Up Movie Reviews To Be Looked At By FTC | Tech Cutbacks Could Stifle Firms' Futures >>

Search Techdirt

And now, a word from our Sponsors..

15% off discount for Techdirt Readers

Subscribe to Techdirt's Daily Email Newsletter