nist-intrusion-detection

NIST Special Publication on Intrusion Detection System
Page 1 of 51

Intrusion Detection Systems
Rebecca Bace¹ and Peter Mell²
¹ Infidel, Inc., Scotts Valley, CA
² National Institute of Standards and Technology

Intrusion Detection Systems
NIST Special Publication on Intrusion Detection Systems
1. Introduction
2. Overview of Intrusion Detection Systems
  2.1. What is intrusion detection?
  2.2. Why should I use Intrusion Detection Systems?
    2.2.1. Preventing problems by increasing the perceived risk of discovery and punishment of attackers
    2.2.2. Detecting problems that are not prevented by other security measures
    2.2.3. Detecting the preambles to attacks (often experienced as network probes and other tests for existing vulnerabilities)
    2.2.4. Documenting the existing threat
    2.2.5. Quality control for security design and administration
    2.2.6. Providing useful information about actual intrusions
  2.3. Major types of IDSs
    2.3.1. Process model for Intrusion Detection
    2.3.2. How do I distinguish between different Intrusion Detection approaches?
    2.3.3. Architecture
    2.3.4. Goals
    2.3.5. Control Strategy
    2.3.6. Timing
    2.3.7. Information Sources
    2.3.8. IDS Analysis
    2.3.9. Response Options for IDSs
  2.4. Tools that Complement IDSs
    2.4.1. Vulnerability Analysis or Assessment Systems
    2.4.2. File Integrity Checkers
...