Year
1995
Abstract
The prototype described in this article analyzes the behavior of computer users. Their profiles are described using quantitative (CPU time, average connexion error number, etc.) and qualitative (connexion date, workstation, etc.) data. The system allows for the change of risk class, to which each user is allocated, according to their profile variation. This prototype has been experimented successfully on a UNIX network.
AKOKA, J., BRIOLAT, D. et COMYN-WATTIAU, I. (1995). Damar : automate de détection avancée de malveillances sur un réseau. Dans: XIIIe Congrès de l’AFAI – Réussir avec les nouvelles technologies de l’information. Association Française de l’Audit et du Conseil Informatiques (AFAI).