So after the previous discussion, I have the following questions:
* Would the following setup be useful (interesting enough to be used)?
(a) a set of sensors reporting "interesting" events from traffic
and from hosts (e.g. from NIDS, HIDS, etc.), and then
(b) we use an anomaly dete...