The XCtM Project version ?
What's the XCtM Project?
This project was started by myself years ago when I setup my first email server. The amount of spam that I took was enough to make a systems tech go into a room and work out a process that could identify the spam.
The application was designed to profile spam and to match it with the user of the email account. It took awhile but I was successful at about 99.8%. That was back in the late 90's.
As I added more systems and servers I also added more positive features for other spammers and visitors. Now I needed to monitor and profile based on the type of site.
It was like matching up food groups in simple terms. If an Apple accesses the dinner plate with a Potatoe are they a good match? If not then track and see what the intent is. In the begining days it was difficult but as data poured in the SMART-iA scripts that I created earlier that year started it's profiling. It's a pattern match fuzzy basically. If you visit pages not linked it would record access attempts etc.
The Project came about when firewalls and AV software started changing. It wasn't enough to just have a firewall you needed more.
Now let's fast forward to 2012. Today the XCtM is still up and running doing it's thing. Now with new online applications the project will shift over and start monitoring remote access private cloud systems.
This script is not outbound or used for anything other than monitoring movement and that is triggered by aggressive patterns.
You'll welcome to join in the project. It's not open source and most likely will not be for a few more months but I plan on releasing the design so other coders can use it to monitor apps and activity of their applications.