Introduction
This site is a listing of many of the internet resources associated with Intrusion Detection. The list is divided into sections to make finding information easier.
It would be great if all our computer systems were totally secure but, unfortunately, they are not and will not be anytime soon. And even if they were, there is always the possibility of an authorized user misusing his or her privileges. The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed, but the detection schemes generally fall into one of two categories: anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts.
Intrusion Detection Systems
Research Projects
- AID (Adaptive Intrusion Detection system) (link removed)
- ASAX (Advanced Security audit trail Analysis on uniX)
- Autonomous Agents for Intrusion Detection
- EMERALD (Event Monitoring Enabling Responses to Anomalous Live Disturbances)
- Electronic Commerce and Financial Information Systems: Widely Distributed Data Mining and Fraud Detection
- GrIDS (Graph-based Intrusion Detection System)
- IDIOT (Intrusion Detection In Our Time)
- Misuse Detection Project
- NADIR (Network Anomaly Detection and Intrusion Reporter) (link removed)
- NID (Network Intrusion Detector) (link removed)
- USTAT (State Transition Analysis Tool for UNIX)
Commercial Products
- VCC/Tripwire™
- CMDS (Computer Misuse and Detection System) by SAIC
- INTOUCH NSA (Network Security Agent) by TTI
- Intrusion Detection, Inc
- NetRanger by Wheelgroup, now Cisco Systems
- POLYCENTER Security Intrusion Detector by TTI
- Real Secure by ISS
- Sourcefire Intrusion Detection System
Other Lists of Intrusion Detection Systems
- COAST Intrusion Detection Systems (link removed)
- Michael Sobirey's Intrusion Detection Page
- NIST Intrusion Detection Tools
Intrusion Detection Bibliographies
Mailing Lists
- Intrusion Detection Mailing List Archive (link removed)
Other Resources
- COAST Intrusion Detection Pages
- MCN's Intrusion Information (link removed)
- NITB Intrusion Detection and Response
Webmaster@CERIAS