Fuzzy Userprofile IDS v2
fupids2 is a so-called human oriented IDS based on the FUPIDS project. fupids2 calculates an attacker level for every user on all Unix/Linux/BSD systems in the network. It looks at the behavior of the user (the programs the user uses, the daytime the user is active, the building and room the user uses, the part of the room in which the user sits, and so on) and reports if the user engages in behavior that is unusual for that person. This method can often detect accounts overtaken by attackers.
| Tags | Security Monitoring |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX BSD OpenBSD Linux NetBSD Windows Windows Cygwin Mac OS X FreeBSD Unix Solaris |
| Implementation | C++ |
Recent releases
- 15 Feb 2006 14:45
Release Notes: This release includes the 'day of the week' input in the calculation of the attacker level. It can detect accounts that are used on unusual days in this way.
- 03 Jan 2006 10:44
Release Notes: This release adds a script that creates sorted HTML output of fupids2's logs. The logging system was improved.
- 16 Dec 2005 11:23
Release Notes: The calculation system for the attacker level of users' behavior is now replaced by a calculation through a neural network.
- 09 Dec 2005 08:21
Release Notes: Fupids should now run under win32 and Solaris.
- 08 Dec 2005 11:22
Release Notes: The code now compiles under Mac OS without problems.
cdpxe
03 Dec 2005 14:49
Heartbeat
- Popularity Score
- 33.14
- Vitality Score
- 2.69
- Subscriptions
- 8
