Cyber Security Expo
Intrusion Detection
| Title | Contributor | Date | Description | Rating |
|---|---|---|---|---|
| Log Analysis for Intrusion Detection | Daniel B. Cid | 26/05/06 | The main goal of this document, submitted by Daniel Cid, is to show how some threats can be detected by correlating specific patterns on web, proxy and authentication logs. | 9 |
| Hiding an Intrusion Detection System, A Theoretical Discussion on How to Play 'Hide 'N Go Peek' | Bob Radvanovsky | 13/03/04 | Discusses the caveats of emplacement of an IDS environment, and what companies are doing about it. Discussion of what may be one (of many) possible methods of 'hiding' an intrusion detection system environment. | 5 |
| Improving the Database Logging Performance of the Snort Network Intrusion Detection Sensor | Lambert Schaelicke | 11/12/03 | Presents and evaluates a performance optimization technique that caches the contents of a database table to reduce the number of queries. When applied to the Snort intrusion detection sensor and the ACID database, this technique reduces alert logging overhead by 25 percent. | 7 |
| Detecting Intrusions with your Firewall Log and OsHids | Daniel B. Cid | 28/11/03 | Talks about one of the basic but powerful methods of intrusion detection: firewall log analysis and the use of the OsHids tool to monitor your logs. | 7 |
| Five IDS Mistakes People Make | Anton Chuvakin | 01/11/03 | Reviews several important mistakes made by companies when planning and deploying IDS systems, including using NIDS but with limited scope, unchecked alerts, no response policy for events and more. | 6 |
| Future of IDS | Joe Bowling | 28/10/03 | Provides an overview of TCP/IP, covers the purpose and the history behind IDS, and current day functionality/challenges of this technology. The highlight of the paper covers how problems of today’s IDS will be met in the future in terms of interoperability, responsiveness and more. | 9 |
| Airids Architecture And Methodology | Thomas Munn | 01/10/03 | A hybridized IDS framework that tries to fuse different technologies into an Intelligent Intrusion Prevention system, called 'Airids' for short. | 9 |
| Snort Install Manual | Patrick Harper | 23/09/03 | A guide to installing Snort on a Linux machine along with basic configuration and troubleshooting. As the author said, it’s a “How in the hell do I get this installed and working” guide. | 10 |
| Tripwire Intro on Linux | Charles Hornat | 15/09/02 | What Tripwire is, how it is installed and used on Linux. This guide provides you with the basics needed for simple monitoring of your system. | 9 |
Intrusion Detection - Community Contributions
| Title | Contributor | Date | Description | Rating |
|---|---|---|---|---|
| IDABench – The Network Security Analyst’s Toolbox | Jeff Stebelton | 25/07/08 | Jeff Stebelton wrote this paper on IDABench, which is a complement to your IDS/IPS. | No votes |
| PREVENTION!!! – Network Intrusion Prevention Systems | Jalaynea A. Cooper | 20/12/07 | This contribution from Jalaynea Cooper is about Network Intrusion Prevention Systems, what is Network Security, Network Attacks and Detection, Network Intrusion Prevention, and the Future of Network Intrusion Prevention Systems. | 9 |
| Making Effective Use of Your Intrusion Detection System | Jamie Riden | 23/12/06 | This paper, written by Jamie Riden, is about maximizing the usefulness of your Network Intrusion Detection System. | No votes |
| Intrusion Detection Systems in Hospitals: What, Why, and Where. | Jody Barnes | 12/07/06 | In this contribution, Jody Barnes discusses types of IDS, the importance to a complete security program and placement best practices for hospitals. | 8 |
| IDS and IPS Placement for Network protection | Robert Drum | 23/05/06 | This paper, written by Robert Drum, discusses the factors affecting proper placement of Intrusion Detection and Prevention System (IDS/IPS) sensors in computer networks. | 5 |
| Intrusion Prevention Systems in the Healthcare Environment | Lakisha Thomas | 04/05/06 | Lakisha Thomas submits this paper reviewing HIPAA requirements and how IDS/IPS helps meet those requirements. | 6 |
| An Inexpensive and Versatile IDS | Dave Schwartzburg | 26/12/05 | Dave Schwartzburg submits this paper on building an inexpensive and versatile intrusion detection system using Snort, a Cable/DSL Router, and OpenWRT. | No votes |
| A poor-man Tripwire-like system on Windows 9x/NT | Floydman | 08/09/02 | A simple and low-cost way to implement Tripwire-like capabilities on a Microsoft Windows 95/98/NT/2000/* machine | 8 |
