Call for papers

SecurityFocus (www.securityfocus.com) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: editor@securityfocus.com

Statistical-Based Intrusion Detection
This article will examine statistical-based intrusion detection systems, which alert on anomalous network behaviour, thus providing better monitoring for zero-day exploits than traditional IDS.
2003-04-16 http://www.securityfocus.com/infocus/1686

Specter: A Commercial Honeypot Solution for Windows
This is the third installment in an ongoing series of articles looking at honeypots. In the first two papers, we discussed the OpenSource honeypot Honeyd, how it works, and a deployment in the wild. In this paper we will look at a different honeypot, the commercially supported solution, Specter.
2003-04-08 http://www.securityfocus.com/infocus/1683

Open Source Honeypots, Part Two: Deploying Honeyd in the Wild
This is the second part of a three-part series looking at Honeyd, the open source honeypot. In this paper we will deploy Honeyd on the Internet for one week and watch what happens. The intent is to test Honeyd by letting real bad guys interact with and attack it. We will then analyze how the honeypot performed and what it discovered.
2003-03-12 http://www.securityfocus.com/infocus/1675

Intrusion Prevention Systems: the Next Step in the Evolution of IDS
Intrusion prevention systems combine the blocking capabilities of a firewall with the deep packet inspection of intrusion detection systems. This discussion will look at five different categories of IPSs that focus on attack prevention at layers that most firewalls are not yet able to decipher.
2003-02-27 http://www.securityfocus.com/infocus/1670

The Great IDS Debate: Signature Analysis Versus Protocol Analysis
At the heart of intrusion detection systems lies the analysis engine. It reviews each packet, determines if it is malicious, and logs an alert if necessary – the core tasks of an IDS. Two different techniques, each favored by separate and loyal camps, have emerged as the preferred engine behind IDS software. In this article, we'll examine and compare the two different techniques: signature analysis and protocol analysis.
2003-02-05 http://www.securityfocus.com/infocus/1663

Intelligence Gathering: Watching a Honeypot at Work
The purpose of this article is to share with the security community the data the author collected from his honeypot. This discussion will include the attacker's recon, the attack, the attempted cover-up, and the reason for the attack on the honeypot.
2003-01-10 http://www.securityfocus.com/infocus/1656

Evaluating Network Intrusion Detection Signatures, Part Three
This is the third article in a series devoted to evaluating the quality of network intrusion detection (NID) signatures. This article will wrap up the series by examining other ways of generating attacks with other security-related tools and by manually creating your own attacks.
2002-12-18 http://www.securityfocus.com/infocus/1651

Complete Snort-based IDS Architecture, Part Two
This is the second part of a two-part article that will provide a set of detailed directions to build an affordable intrusion detection architecture. This installment will discuss Web interface configuration, summaries and daily reporting, automated attack response, installation of sensors, and big distributed IDS systems.
2002-11-19 http://www.securityfocus.com/infocus/1643

Complete Snort-based IDS Architecture, Part One
Many companies find it hard to justify acquiring IDS systems due to their perceived high cost of ownership. However, not all IDS systems are prohibitively expensive. This two-part article will provide a set of detailed directions to build an affordable intrusion detection architecture from hardware and freely available software.
2002-11-06 http://www.securityfocus.com/infocus/1640

Identifying and Tracking Emerging and Subversive Worms Using Distributed Intrusion Detection Systems
Distributed intrusion detection systems (dIDS) are one method that can be used to identify new and emerging worms that spread via subversive propagation techniques. This paper will discuss how and why the dIDS design is able to identify, detect, and track worms even as they implement more advanced propagation methods.
2002-10-16 http://www.securityfocus.com/infocus/1634