PacketSource — Security White Papers
 
A A A
 

Protocol Anomaly Detection for Network-based Intrusion Detection

Author: Kumar Das Published Feb. 14, 2011 from SANS

Intrusion detection has become an essential component of computer security in recent years. Security administrators are complementing existing security measures with intrusion detection systems (IDSs) to achieve defense in depth. To be useful, an IDS must be selected and configured with its environment in mind, and it must be monitored by knowledgeable personnel. An effective IDS provides accurate and timely information about ongoing intrusions which is necessary to protect todayÂ’s networks.

Tags:

PDFRead the complete paper at SANS