computer immunology

VaX#n8 (vax@LINKDEAD.PARANOIA.COM)
Fri, 17 Oct 1997 12:49:31 -0500

Bugtraq and IDS readers may be interested in October 1997's CACM
article on "Computer Immunology", in which a University of New Mexico
prof and two grad students discuss the possibilities of detecting
abnormal program behavior using characteristic patterns of use,
specifically the system call pattern of key system utilities such
as sendmail, wu.ftpd, and lpr.
It is "a view from 5 000m" but interested readers may find more
in the Proceedings of the 1996 IEEE Symposium on Computer Security
and Privacy, or Proceedings of the 10th Annual Computer Security
Applications Conference, or May 1993 IEEE Spectrum.

PS: listserv@netspace appears to be broken;
I have tried to sign on to bugtraq several times.

--
VaX#n8
http://www.paranoia.com/~vax
League of Non-aligned Wizards
"The question is, are you paranoid enough?"