Intrusion Detection, published by Macmillan Technical Publishing (ISBN: 1-57870-185-6) in Jan. 2000.
This volume is a comprehensive guide to the history, concepts and technologies that contribute to computer and network security as well as a detailed description of the current state-of-the-art and research frontiers in the field of intrusion detection.
Anyone concerned with computer security or intrusion detection will find something of value in this book.
From the cover:
With the number of intrusion and hacking incidents around the world on the rise, the importance of having dependable intrusion detection systems in place is greater than ever. Offering both developmental and technical perspectives on the crucial element of network security, Intrusion Detection covers:
- Practical considerations for selecting and implementing intrusion detection systems
- Methods for handling the results of analysis, and the options for responses to detected problems
- Data sources commonly used in intrusion detection and how they influence the capabilities of all intrusion detection systems
- Legal issues surrounding detection and monitoring that affect the design, development, and operation of intrusion detection systems.
More than just an overview of the technology, Intrusion Detection presents real analysis schemes and responses, as well as a detailed discussion of the vulnerabilities inherent in many systems, and approaches to testing systems for these problems. Ideal for the network architect who has to make decisions on what intrusion detection system to implement and how to do it, this book will help you:
- Understand the history of the technology, as well as how future changes may affect your systems
- Guide an organization through a full acquisition lifecycle, from initial requirements definition to product deployment
- Choose your system's responses to detected problems and tie the results back into the site security management process
- Assess the quality of a proposed or existing intrusion detection system design
Reviewers' Comments:
People have been working on computer intrusion detection systems for nearly 20 years. As a researcher, I am bothered that other scientists aren't familiar with the good work that has already been done, and as a consumer I am disconcerted that I don't have better commercial products to defend my systems.
Becky Bace has been there, done that, read about it, thought about it, and now written it all down. Everyone who works in intrusion detection can gain something by reading this book. You can too.
Eugene H. Spafford, Professor and Director of the Purdue University CERIAS
This book serves as a fantastic reference for the history of commercial and research intrusion detection tools. Even for practitioners of intrusion detection, this book can be a real eye-opener.
Becky's book grounds the intrusion detection discussion in a way that is readable, informative, and practical.
Gene Kim, Chief Technology Officer, Tripwire Security Systems, Inc.
I cannot imagine a consulting expert in this field who will want to be without a copy of Becky's book. Corporate managers, directors, and legal counsel need to digest these arguments as well.
Fred Chris Smith, Attorney, Santa Fe, New Mexico
There is plenty here to point the needful system administrator in the direction of an intrusion detection system appropriate for his current envisioned needs. But this book does much more: It provides solid perspective in a field where empty claims often dominate, and it will provide insights needed to cope with situations where existing products fall short or fail altogether to protect a system.
I am certain that this book will become an industry standard in intrusion detection as a discipline.
Marvin Schaefer, Chief Scientist, Vice President, Arca Systems
This book bridges a critical gap in the reference market. It encompasses both the principles of intrusion detection and a wealth of specific examples, enabling the reader to form a sound basis for understanding and evaluating what is happening in the field.
This book demystifies intrusion detection without oversimplifying the problem.