This is an excellent article, thank you! I still need to read you article a little closer, so maybe I missed this on the first scan, but it looks like Sebek might be used with a database of suspicious behavior to provide deep intrusion detection. Or I may be completely misunderstanding its capabil...

[ more ]