Table 1.3. Financial Losses Inflicted by Attacks (Millions of Dollars)
Chapter 2: Anatomy of an Attack
Table 2.1. Vulnerability Categories
Table 2.2. Capabilities of Locating and Eliminating Vulnerabilities
Table 2.3. Protective Measures against Hybrid Threats
Table 2.4. Probability of IP-Address Substitution
Table 2.5. Different Names for the Same Attack
Table 2.6. Number of CERT-Registered Security Incidents and Processed E-Mail Messages (from 1998 to the Second Quarter of 2002)
Chapter 3: Introduction to Intrusion Detection
Table 3.1. Sources of Attack Notifications
Table 3.2. Percentage of Organizations Using Intrusion Detection Technologies
Table 3.3. Percentage of Organizations Planning to Use Intrusion Detection Technologies
Table 3.4. Number of Windows Vulnerabilities in Default Configurations
Chapter 4: The Three Basic Principles of Intrusion Detection
Table 4.8. Advantages and Drawbacks of Statistical Methods for Intrusion Detection
Table 4.9. Advantages and Drawbacks of Expert Systems for Intrusion Detection
Table 4.10. Advantages and Drawbacks of Neural Networks for Intrusion Detection
Chapter 5: Detecting Attack Traces
Table 5.1. Factors Related to Intrusion Detection
Chapter 6: Classification of Intrusion Detection Systems
Table 6.1. Advantages and Drawbacks of the Project Analysis Systems from the Standpoint of Information Security
Table 6.2. Advantages and Drawbacks of Systems Based on Source-Code Analysis
Table 6.3. Advantages and Drawbacks of Test-Generating Systems
Table 6.4. Advantages and Drawbacks of Network-Level Security Scanners
Table 6.5. Advantages and Drawbacks of OS-Level Security Scanners
Table 6.6. Advantages and Drawbacks of Application-Level Intrusion Detection Systems
Table 6.7. Advantages and Drawbacks of OS-Level Intrusion Detection Systems
Table 6.8. Advantages and Drawbacks of Network-Level Intrusion Detection Systems
Table 6.9. Advantages and Drawbacks of Pattern Matching
Table 6.10. Advantages and Drawbacks of Stateful Pattern Matching
Table 6.9a. Advantages and Drawbacks of Consistency Checkers
Chapter 7: Anticipating Attacks, or Creating an Intrusion Detection Infrastructure
Table 7.1. Actions Aimed at Intrusion Detection
Table 7.2. Types of Log Files and Information Contained There
Chapter 8: The Life Cycle, Deployment, and Implementation of an IDS
Table 8.1. Approximate Implementation Times for Specific Steps of a Project Consisting of Deploying and Implementing an Intrusion Detection System (Man-Months/Months)
Table 8.2. Most Common Reasons Preventing Companies from Deploying Intrusion Detection Systems (According to the Results of a Poll Conducted by ICSA/SAIC)
Table 8.3. Typical Reasons Preventing Organizations from Deploying Intrusion Detection Systems (According to the Results of a Poll Conducted by Information Week)
Chapter 9: Selecting an Intrusion Detection System
Table 9.1. The Most Common Intrusion Detection Technologies and Their Areas of Application
Table 9.2. Advantages and Drawbacks of Intrusion Detection Systems Operating in Batch Mode
Table 9.3. Advantages and Drawbacks of Intrusion Detection Systems Operating in Real-Time Mode
Table 9.4. Priorities of IDS Selection Criteria for Different Categories of Users
Chapter 10: Placement of the Intrusion Detection System
Table 10.1. Test Results for AS3502 AppSwitch
Table 10.2. Average Packet Lengths for Different Protocols
Table 10.3. MTU Values for Different Networks
Chapter 11: Using Intrusion Detection Systems
Table 11.1. Comparison of Universal and Specialized Intrusion Detection Platforms
Table 11.2. Operating Systems Used by IDSs
Table 11.3. Measures to Be Taken by IS Personnel
Table 11.4. An Example of a Scanning Plan
Chapter 12: Common IDS Problems
Table 12.1. Growth of IDS Sales
Table 12.2. Mergers and Acquisitions on the IDS Market