Detecting Hackers By Monitoring User Commands

from the user-level-anomaly-detection dept

Some researchers are working on new hacker detection software that will work by recording how legitimate users normally use their computers, and then alerting security if something out of the ordinary is happening. Of course, there have been similar attempts to do this sort of thing, though usually based on network traffic, and not user commands. The problem with almost all of these, though, are the number of false-positives, which let the real attacks slip through. People don’t always use their computers in the same way, and are going to do something different every once in a while. However, the researchers say they’ve improved the quality this time, so that only about 6% of the security alerts are false positives.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...