Centrifuge/Playing with generic attack detection

[Mario Heiderich]

Hi!

I've been playing around lately with some generic attack detection -
first trying levenshtein and soundex (which resulted in nothing
usable), then trying some own algorithms.

After some time a had a script which I could feed with the vectors
from your submissions and our unit tests and the results after
executing some methods on them was pretty surprising - the script
works like a kind of centrifuge.

http://php-ids.org/files/centrifuge.phps

What do you think?

Greetings,
.mario