Introduction to Network Security - Intrusion Detection
This paper first discusses the two different types of IDSs, network-based and host-based. It then covers the two methods used to detect intrusions, signature-based and behavior-based. This is a basic paper that gives only a broad overview of IDS technologies; it is intended only for the security engineer needing a high-level overview of intrusion detection.
Intrusion Forecasting System
The paper describes an Intrusion Forecasting System, which is the future of the present intrusion detection systems. It discusses the present intrusion detection systems, the need to develop an Intrusion Forecasting System, the architecture of the system, and its implementation, and explains the techniques to be used in developing such a system.
Correlation of IDS Events
Recently there has been much interest in applying event correlation to computer network intrusion detection events to speculate on the pattern of an attack. This paper explores some correlation techniques that can be applied to intrusion alerts to identify the patterns commonly seen across the events.
Issues Discovering Compromised Machines
This article discusses the discovery of compromised machines in large enterprise environments, and offers some suggestions on correlating NIDS and HIPS logs to avoid false positives.
Remote physical device fingerprinting
We introduce the area of remote physical device fingerprinting, or fingerprinting a physical device, as opposed to an operating system or class of devices, remotely, and without the fingerprinted device's known cooperation. We accomplish this goal by exploiting small, microscopic deviations in device hardware: clock skews.