Re: Suggestions

["Ed Donegan" <danceslikewhiteguy () hotmail com>]

I wasn't able to drag down the PDF yet, but I presume it used the pearson 
product moment correlation co-efficient?  Mots embarassig, I posted the 
wrong version earlier, more verbose, less technical, but does this technique 
use multiple data points to describe an event (ie proccess launched, files 
touched,) then measure the "goodness of fit" to the event and the data 
points in a correlation co-efficient?  This is what I believe is the more 
technicial definition of correlation lays, but as far as tayloring it for 
utility, I have seen numerous variations.


> From: Rishikesh Pande <rpande () vt edu>
> To: Thiago dos Santos Guzella <thiagoguzella () yahoo com br>
> CC: focus-ids () securityfocus com, 
> uzurutuza () eps mondragon edu,TheTom () UnixIsNot4Dummies ORG, 
> clint () secureconsulting com,stefano.zanero () ieee org, whitty () reeve com, 
> mark.runion () us army mil
> Subject: Re: Suggestions
> Date: Sat, 29 May 2004 16:05:53 -0400
>
> You may want to take a look at my thesis 
> (http://scholar.lib.vt.edu/theses/available/etd-05182004-085925/). I used 
> spatial autocorrelation- a measure from plant epidemiology to look at the 
> spread of computer network worms. The thesis is kind of long , but you may 
> want to read the Introduction and then skip over to chapter 4. If you can 
> wait a month or so, I am presenting some of my work at SANSFIRE- Monterey.
>         Rishi
>
>
> ---------------------------------------------------------------------------
>
> ---------------------------------------------------------------------------

_________________________________________________________________
Get fast, reliable Internet access with MSN 9 Dial-up – now 3 months FREE! 
http://join.msn.click-url.com/go/onm00200361ave/direct/01/


---------------------------------------------------------------------------

---------------------------------------------------------------------------