Predicting User Behavior to Improve Security

CitizenC writes "New computer-monitoring software designed to second-guess the intentions of individual system users could be close to perfect at preventing security breaches, say researchers. Read more." The paper (pdf) is online as well.

Home Security

[McFly69]

-Note to Self-

Keep doors locked at my house to prevent other people from coming in.

what if

[Diclophis]

the first action you take breaches security?

Re:hmmm...

[Angry+White+Guy]

Hell, even without promotions, added staff, etc. Everyone in my office acts irrationally enough to screw the system up completely in an hour or so.
They can't fire us all.

Sounds good for other people.

[teamhasnoi]

Might be something to install to prevent me from reading /. all day long.

Oh wait. That wouldn't be unusual. DAMMIT!

Re:Well, um

[qengho]

A user's creativeness to mess things up never ceases to amaze.

Or as one of the corollaries to Murphy's Law states: "No matter how idiot-proof you make something, an ingenious idiot in the field will find a workaround."

Re:destined to failure

[distributed.karma]

> The Heisenberg uncertainty principle states that there will always be true statements within a system that cannot be proved within that system.

Um, that's Godel's Theorem.

> Wish I was a Physics Genius

I think that just about sums it up. ;-)

Obligatory

[scott1853]

Clippy: It appears as though you are trying to hack into an IIS box.

Would you to start the IIS hacking wizard?

Would you like to view a list of the top 1,000 exploits?

Never show this prompt again, its already too easy to hack IIS.

Profiling crackers? Brilliant!

[jabber01]

Sounds like profiling terrorists. It'll work great, and everyone will feel secure and all, until somone flies a plane into their "secure" server.

Hm

[E_elven]

$ r00t machine
Ush: command not found: r00t

*meanwhile, in the Secret Command Centre*
#QUEER#COMMAND##INVESTIGATE##

$ owNz0rz machine
owNz0rz: unknown parameter machine

*SCC*
###THERE#MIGHT#BE#SOMETHING#GOING#ON##

$ owNz0rz r00t
Ush: j00 owNz0r d4 r00t!

*SCC*
#####ALARM#ALARM#####

$
Ush: Someone trying to use 'alarm()', authorize? n0
Ush: Killing alarming process.
$ 1337

so laik

[digitalsushi]

it'd be like...

while :;do for IP in `cat /var/log/httpd/access_log|awk '{print $2}'`; do /usr/sbin/iptables -t filter -A INPUT -p tcp -s $IP/32 -j DROP;done;done or something like that. Yeah. I got your AI right here. I can sell you a tarball with a digitally signed dignature- I'm quite digil when it comes to being a digilante.

The Microsoft Version

[flanagan]

Pop up a dialog:

"It looks like you are trying to hack into this system. Would you like me to start the Hacking Wizard for you?"

Solution

[Some+Dumbass...]

New computer-monitoring software designed to second-guess the intentions of individual system users could be close to perfect at preventing security breaches

Prediction: Users cause security breaches.

Near-perfect solution: Eliminate all users.

-- Skynet, 09-29-1997, 02:14 hours :)

Re:Intelligent pr0n filters..

[grub]

I assume the other 20% of rules cover the interracial and black pr0n sites?

They're all pink on the inside. :)