Detecting Hackers By Monitoring User Commands
from the user-level-anomaly-detection dept
Some researchers are working on new hacker detection software that will work by recording how legitimate users normally use their computers, and then alerting security if something out of the ordinary is happening. Of course, there have been similar attempts to do this sort of thing, though usually based on network traffic, and not user commands. The problem with almost all of these, though, are the number of false-positives, which let the real attacks slip through. People don't always use their computers in the same way, and are going to do something different every once in a while. However, the researchers say they've improved the quality this time, so that only about 6% of the security alerts are false positives.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
