I am a huge fan of anomany-based detection, instead of using the old and innefective signature-based. I'm always saying that about IDS and antivirus. However, it's always good to see different opinions and information. I've found this article very interesting, as it shows some problems related to anomaly-based detection. It's a very valuable reading.
Other view about anomaly-based detection
Other view about anomaly-based detection
Other view about anomaly-based detection
I am a huge fan of anomany-based detection, instead of using the old and innefective signature-based. I'm always saying that about IDS and antivirus. However, it's always good to see different opinions and information. I've found this article very interesting, as it shows some problems related to anomaly-based detection. It's a very valuable reading.