By Rebecca Gurley Bace
Published by Macmillan Technical Publishing (ISBN: 1-57870-185-6), January 2000.
This volume is a comprehensive guide to the history, concepts and technologies that contribute to computer and network security as well as a detailed description of the current state-of-the-art and research frontiers in the field of intrusion detection.
Anyone concerned with computer security or intrusion detection will find something of value in this book.
From the cover:
With the number of intrusion and hacking incidents around the world on the rise, the importance of having dependable intrusion detection systems in place is greater than ever. Offering both developmental and technical perspectives on the crucial element of network security, Intrusion Detection covers:
- Practical considerations for selecting and implementing intrusion detection systems
- Methods for handling the results of analysis, and the options for responses to detected problems
- Data sources commonly used in intrusion detection and how they influence the capabilities of all intrusion detection systems
- Legal issues surrounding detection and monitoring that affect the design, development, and operation of intrusion detection systems
More than just an overview of the technology, Intrusion Detection presents real analysis schemes and responses, as well as a detailed discussion of the vulnerabilities inherent in many systems, and approaches to testing systems for these problems. Ideal for the network architect who has to make decisions on what intrusion detection system to implement and how to do it, this book will help you:
- Understand the history of the technology, as well as how future changes may affect your systems
- Guide and organization through a full acquisition lifecycle, from initial requirements definition to product deployment
- Choose your systems responses to detected problems and tie the results back into the site security management process
- Assess the quality of a proposed or existing intrusion detection system design
People have been working on computer intrusion detection systems for nearly 20 years. As a researcher, I am bothered that other scientists aren't familiar with the good work that has already been done, and as a consumer I am disconcerted that I don't have better commercial products to defend my systems.
Becky Bace has been there, done that, read about it, thought about it, and now written it all down. Everyone who works in intrusion detection can gain something by reading this book. You can too.
This book serves as a fantastic reference for the history of commercial and research intrusion detection tools. Even for practitioners of intrusion detection, this book can be a real eye-opener.
Becky's book grounds the intrusion detection discussion in a way that is readable, informative, and practical.
I cannot imagine a consulting expert in this field who will want to be without a copy of Becky's book. Corporate managers, directors, and legal counsel need to digest these arguments as well.
There is plenty here to point the needful system administrator in direction of an intrusion detection system appropriate for his current envisioned needs. But this book does much more: It provides solid perspective in a field where empty claims often dominate, and it will provide insights needed to cope with situations where existing products fall short or fail altogether to protect a system.
I am certain that this book will become an industry standard in intrusion detection as a discipline.
This book bridges a critical gap in the reference market. It encompasses both the principles of intrusion detection and a wealth of specific examples, enabling the reader to form a sound basis for understanding and evaluating what is happening in the field.
This book demystifies intrusion detection without oversimplifying the problem.