Defending Yourself: The Role of Intrusion Detection Systems
September/October 2000 (vol. 17 no. 5)
pp. 42-51
Intrusion detection systems are an important component of defensive measures protecting computer systems and networks from abuse. This article considers the role of IDSs in an organization's overall defensive posture and provides guidelines for IDS deployment, operation, and maintenance.

Citation:
John McHugh, Alan Christie, Julia Allen, "Defending Yourself: The Role of Intrusion Detection Systems," IEEE Software, vol. 17, no. 5, pp. 42-51, Sept.-Oct. 2000, doi:10.1109/52.877859