Section 18.4. Recommended Reading and Web Sites | Cryptography and Network Security (4th Edition)

[Page 591 (continued)]

18.4. Recommended Reading and Web Sites

Two thorough treatments of intrusion detection are [BACE00] and [PROC01]. A more concise but very worthwhile treatment is [BACE01]. Two short but useful survey articles on the subject are [KENT00] and [MCHU00]. [NING04] surveys recent advances in intrusion detection techniques. [HONE01] is the definitive account on honeypots and provides a detailed analysis of the tools and methods of hackers.

BACE00 Bace, R. Intrusion Detection. Indianapolis, IN: Macmillan Technical Publishing, 2000.
BACE01 Bace, R., and Mell, P. Intrusion Detection Systems. NIST Special Publication SP 800-31, November 2000.
HONE01 The Honeynet Project. Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community. Reading, MA: Addison-Wesley, 2001.
KENT00 Kent, S. "On the Trail of Intrusions into Information Systems." IEEE Spectrum, December 2000.
MCHU00 McHugh, J.; Christie, A.; and Allen, J. "The Role of Intrusion Detection Systems." IEEE Software, September/October 2000.
NING04 Ning, P., et al. "Techniques and Tools for Analyzing Intrusion Alerts." ACM Transactions on Information and System Security, May 2004.
PROC01 Proctor, P., The Practical Intrusion Detection Handbook. Upper Saddle River, NJ: Prentice Hall, 2001.

[Page 592]

Recommended Web Sites

CERT Coordination Center: The organization that grew from the computer emergency response team formed by the Defense Advanced Research Projects Agency. Site provides good information on Internet security threats, vulnerabilities, and attack statistics.
Honeynet Project: A research project studying the techniques of predatory hackers and developing honeypot products.
Honeypots: A good collection of research papers and technical articles.
Intrusion Detection Working Group: Includes all of the documents generated by this group.