Reading List
1. Intrusion Detection Message Exchange Requirements - draft-ietf-idwg-requirements-10
http://www.ietf.org/internet-drafts/draft-ietf-idwg-requirements-10.txt
2. The Intrusion Detection Message Exchange Format draft-ietf-idwg-idmef-xml-12
http://www.ietf.org/internet-drafts/draft-ietf-idwg-idmef-xml-12.txt
3. The Intrusion Detection Exchange Protocol (IDXP) draft-ietf-idwg-beep-idxp-07
http://www.ietf.org/internet-drafts/draft-ietf-idwg-beep-idxp-07.txt
4. The TUNNEL Profile (RFC 3620)
http://www.ietf.org/rfc/rfc3620.txt
5. SANS NIDS FAQ
www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm
6. NIST Special Publication 800-31 “Intrusion Detection Systems”
http://csrc.nist.gov/publications
7. Snort 2.1 Users Manual
www.snort.org/docs/snort_manual.pdf
8. NeWT Pro Users Guide
http://h.students.umkc.edu/hg24d/School/dr/docs/newt_2.1_user_guide.pdf
9. Proxy-Annotated Control Flow Graphs: Deterministic Context-Sensitive Monitoring for Intrusion Detection, ICDCIT 2004 (Samik Basu and Prem Uppuluri)
http://www.sce.umkc.edu/~uppulurip/research/icdcit.pdf
10. Experiences with Specification Based Intrusion Detection System, Recent Advances in Intrusion Detection (RAID) October 2001 (Prem Uppuluri and R. Sekar)
http://www.sce.umkc.edu/~uppulurip/research/raid01.ps
11. Building Survivable Systems: An Integrated Approach based on Intrusion Detection and Damage Containment, IEEE DISCEX 2000, Hilton Head Island, SC (T. Bowen, M. Segal, R. Sekar, T. Shanbhag and Prem Uppuluri)
http://www.sce.umkc.edu/~uppulurip/research/discex01.ps
12. Pattern Based Intrusion Detection Systems, P. Uppuluri & R. Sekar, TR 99-02, Iowa State University, Ames, IA, 1999
http://www.seclab.cs.sunysb.edu/~prem/tr99.ps
13. Synthesizing Fast Intrusion Prevention/Detection Systems from High-Level Specifications, (with R. Sekar), USENIX Security Symposium 1999, Washington D.C.
http://www.seclab.cs.sunysb.edu/~prem/usenix99.ps
14. “An Introduction to Intrusion Detection Assessment for System and Network Security Management”
http://www.icsa.net/services/consortia/intrusion/intrusion.pdf.
15. Intrusion Detection System Product Survey
http://lib-www.lanl.gov/lapubs/00416750.pdf
16. Optimizing Pattern Matching for Intrusion Detection
http://www.sourcefire.com/products/downloads/secured/sf_OPMforID.pdf
17. A New Approach to Vulnerability Management and Intrusion Detection - by Sourcefire and IBM
http://www.sourcefire.com/products/downloads/secured/IBM-SF_white_paper.pdf
18. HTTP IDS Evasions Revisited
http://www.sourcefire.com/products/downloads/secured/sf_HTTP_IDS_evasions.pdf
19. Real-time Network Awareness
http://www.sourcefire.com/products/downloads/secured/sf_RNA.pdf
20. Moving Beyond Detection - Solving the data management problem
http://www.sourcefire.com/products/downloads/secured/sf_beyond_detection.pdf
21. Intelligent Threat Mitigation & Response
http://www.sourcefire.com/products/downloads/secured/SF_threat_mitigation.pdf
22. Snort 2.0 - Detection Revisited
http://www.sourcefire.com/products/downloads/secured/sf_snort20_detection_rvstd.pdf
23. Rules definition for anomaly based intrusion detection
http://www.packetstormsecurity.com/papers/IDS/anomaly_rules_def.pdf
24. The Science of Intrusion Detection System Attack Identification
http://cisco.com/en/US/products/sw/secursw/ps2113/products_white_paper09186a0080092334.shtml
25. Network Security Policy: Best Practices White Paper
http://cisco.com/en/US/tech/tk869/tk769/technologies_white_paper09186a008014f945.shtml
26. State of the Practice of Intrusion Detection Technologies
http://www.cert.org/archive/pdf/99tr028.pdf
27. Intrusion Detection and Prevention: Protecting Your Network From Attacks
http://www.juniper.net/solutions/literature/white_papers/wp_idp.pdf
28. Intrusion Prevention Systems (Mike Barkett, CISSP, NFR® Security, Inc.)
http://www.nfr.com/resource/downloads/SentivistIPS-WP.pdf
29. Nmap network security scanner man page
http://www.insecure.org/nmap/data/nmap_manpage.html
30. Left open (to be added as the reading proceeds)
Copyright: Himanshu Gupta 2003-2004.