> Just to see if they are fit to this purpose :-) From my experience w/ NN's (grad school), if factors can be defined, then they'd make an excellent solution. Just an FYI...when I worked for SAIC, there was a product called CMDS. It used an "expert system" developed at NASA to perform network event anomoly detection. Basically, from the description, a neural network could "learn" what normal activity looked like...by user or by IP address. As the system learned, the thresholds could be tightened to the point where...theoretically...false positives could be reduced to almost nil. SAIC is/was a service company, not a product company, and sold CMDS to ODS networks. It looks as if a lot of changes have gone on since '99, but it looks as if the current incarnation of these products can be found here: http://www.intrusion.com Also...as a side note...does anyone have any experience with CyberWolf? http://www.cyberwolftech.com/ carv __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 06:11:38 PDT