Bugtraq mailing list archives
computer immunology
From: vax () LINKDEAD PARANOIA COM (VaX#n8)
Date: Fri, 17 Oct 1997 12:49:31 -0500
Bugtraq and IDS readers may be interested in October 1997's CACM article on "Computer Immunology", in which a University of New Mexico prof and two grad students discuss the possibilities of detecting abnormal program behavior using characteristic patterns of use, specifically the system call pattern of key system utilities such as sendmail, wu.ftpd, and lpr. It is "a view from 5 000m" but interested readers may find more in the Proceedings of the 1996 IEEE Symposium on Computer Security and Privacy, or Proceedings of the 10th Annual Computer Security Applications Conference, or May 1993 IEEE Spectrum. PS: listserv@netspace appears to be broken; I have tried to sign on to bugtraq several times. -- VaX#n8 http://www.paranoia.com/~vax League of Non-aligned Wizards "The question is, are you paranoid enough?"
Current thread:
- `smurf' multi-broadcast icmp attack T. Freak (Oct 12)
- Re: `smurf' multi-broadcast icmp attack Craig A. Huegen (Oct 13)
- Re: `smurf' multi-broadcast icmp attack Ben (Oct 13)
- broadcast ip scanning script hyped (Oct 13)
- Re: `smurf' multi-broadcast icmp attack Therapy? (Oct 16)
- Re: `smurf' multi-broadcast icmp attack Jon Lewis (Oct 16)
- Update - Seattle Lab Slmail v2.5 for NT vulnerable David LeBlanc (Oct 16)
- wwwcount remote exploit Nicolas Dubee (Oct 16)
- Re: wwwcount remote exploit (@ Solaris) Jan Wedekind (Oct 17)
- Security Hole in Explorer 4.0 Aleph One (Oct 17)
- computer immunology VaX#n8 (Oct 17)
- Jabadoo Security Hack Aleph One (Oct 17)
- WinNT syscalls insecurity Solar Designer (Oct 19)
- Re: WinNT syscalls insecurity Roger Espel Llima (Oct 18)
- Run, RunOnce and Uninstall Registry Keys Vulnerability Aleph One (Oct 16)
- <Possible follow-ups>
- Re: `smurf' multi-broadcast icmp attack Brad Powell (Oct 16)