RE: History of intrusion detection

From: Rishi Pande (rpande_at_vt.edu)
Date: 04/09/04

    To: "'Thomas'" <t531333@pandora.be>, <focus-ids@securityfocus.com>
    Date: Thu, 8 Apr 2004 19:09:18 -0400
    
    

    You may want to take a look at two articles:

    1. Einwechter, Nathan "An Introduction To Distributed Intrusion
    Detection Systems", Security Focus, 2001
    <http://online.securityfocus.com/infocus/1532>
    2. Robbins, Royce, "Distributed Intrusion Detection Systems: An
    Introduction and Review", SANS Reading Room, GSEC Practical Assignment,
    2002

    In my experience they seem to answer most of my historical questions
    about IDS.

    Good luck!

    Rishi

    -----Original Message-----
    From: Thomas [mailto:t531333@pandora.be]
    Sent: Wednesday, April 07, 2004 4:05 PM
    To: focus-ids@securityfocus.com
    Subject: History of intrusion detection

    Hi,

    I'm doing a little research on the history of id systems. The first
    paper I found introducing the concept of intrusion detection is from one
    James P. Anderson (1980). Does any of you know about any older
    documents of this kind?

    paper at http://seclab.cs.ucdavis.edu/projects/history/papers/ande80.pdf

    Thanks,
    Thomas
