Re: Snort with an expert system

[Tomas Olsson <tol () sics se>]

Stefan,
I appreciate your feedback. I am aware that the DARPA dataset is not 
looked upon with favor in the security community, so I can understand 
that that using it is not enough. But, how would I convince you? By 
applying the method on real data and letting a security professional 
tell me if it is performing OK?

/Tomas


Stefano Zanero wrote:
> tol () sics se wrote:
>   
> > Hi,
> > Coming late into this conversation, but what about using statistical learning filtering instead of an expert system? 
> >     
>
> Sorry to be blunt, but I don't really see how this can possibly lead to
> finding or filtering false positives in a misuse detector. And no, the
> experiments on the cited paper fail to convince me.
>
> Best,
> Stefano
>   


-----------------------------------------------------------------
Securing Your Online Data Transfer with SSL.
A guide to understanding SSL certificates, how they operate and their application. By making use of an SSL certificate 
on your web server, you can securely collect sensitive information online, and increase business by giving your 
customers confidence that their transactions are safe.
http://www.dinclinx.com/Redirect.aspx?36;5001;25;1371;0;1;946;9a80e04e1a17f194