Projects / Fuzzy Userprofile IDS v2

Fuzzy Userprofile IDS v2

fupids2 is a so-called human oriented IDS based on the FUPIDS project. fupids2 calculates an attacker level for every user on all Unix/Linux/BSD systems in the network. It looks at the behavior of the user (the programs the user uses, the daytime the user is active, the building and room the user uses, the part of the room in which the user sits, and so on) and reports if the user engages in behavior that is unusual for that person. This method can often detect accounts overtaken by attackers.

Tags
Licenses
Operating Systems
Implementation

RSS Recent releases

  •  15 Feb 2006 14:45

Release Notes: This release includes the 'day of the week' input in the calculation of the attacker level. It can detect accounts that are used on unusual days in this way.

  •  03 Jan 2006 10:44

Release Notes: This release adds a script that creates sorted HTML output of fupids2's logs. The logging system was improved.

  •  16 Dec 2005 11:23

Release Notes: The calculation system for the attacker level of users' behavior is now replaced by a calculation through a neural network.

  •  09 Dec 2005 08:21

Release Notes: Fupids should now run under win32 and Solaris.

  •  08 Dec 2005 11:22

Release Notes: The code now compiles under Mac OS without problems.

Screenshot

Project Spotlight

NTRU

The NTRU public-key cryptosystem.

Screenshot

Project Spotlight

InvestiGateIX

A Debian GNU/Linux and Apache Solr-based live system.