Intrusion Detection Systems - IT Library : ZDNet Asia

White Papers

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

A Benchmark Suite for Behavior-Based Security Mechanisms 2006-06-09 01:00:26 Northeastern University

This paper presents a benchmark suite for evaluating behavior-based security mechanisms. Behavior-based mechanisms are used to protect computer systems from intrusion and detect malicious code embedded in legitimate applications. They complement signature-based mechanisms (e.g., anti-virus products) by tackling zero-day attacks that have no signatures extracted yet, as well as polymorphous attacks that have no stable signatures. The paper presents a benchmark suite of eight programs. All of them are legitimate applications and can be infected with a variety of malevolent activities. An evaluation framework is designed to infect, disinfect, build and run the benchmark programs. This benchmark suite aims to help evaluate the effectiveness of behavior-based defense mechanisms during multiple development stages, including prototyping, testing, and normal operation.

Virus Prevention and Recovery: A TechRepublic Real World Guide 2005-12-19 15:20:44

This TechRepublic Real World Guide offers a wealth of information to help with all your antivirus efforts. It explains why today's IT organizations need a written virus protection policy and includes a policy template that you can customize for use in your own company. Learn how to prevent, stop, and clean up after a virus infection, and find out how antivirus software itself can impact your organization's disaster recovery strategy. The guide also offers two handy checklists: one for handling active e-mail virus attacks and one for preventing future infections.

Note: This premium editorial content is underwritten by Panda Software. The registration information you provide will be shared with our sponsor.

Introduction to Intrusion Detection With Snort 2006-11-01 01:00:29 Sun Microsystems

As soon as someone discovers a new computer security vulnerability, hordes of crackers start knocking at the doors of computers worldwide to see if they can penetrate their defenses. Many sites employ a combination of border router firewalls and host-based packet filters and wrappers to protect themselves, but what if the vulnerability is in the very mechanism that's used to secure a service? How can systems administrators know that their machines are under attack and/or have been compromised? The best way to catch the crackers in the act is to use an Intrusion Detection System (IDS). After a brief discussion of IDS, this paper focuses on a pattern-matching network-based IDS, Snort.

A Survey on Attacks and Countermeasures in Mobile Ad Hoc Networks 2006-05-10 01:00:28 Springer Science+Business Media

Security is an essential service for wired and wireless network communications. The success of Mobile Ad hoc NETworks (MANET) strongly depends on people's confidence in its security. However, the characteristics of MANET pose both challenges and opportunities in achieving security goals, such as confidentiality, authentication, integrity, availability, access control, and non-repudiation. This paper provides a survey on attacks and countermeasures in MANET. The countermeasures are features or functions that reduce or eliminate security vulnerabilities and attacks. First, the paper gives an overview of attacks according to the protocols stacks, and to security attributes and mechanisms, and then the paper presents preventive approaches following the order of the layered protocol stacks.

Centralized Identity and Policy Management for Windows, Linux, Unix, Mac and Java with Active Directory and DirectControl 2006-01-26 11:06:54

Centrify enables a secure, connected computing environment by seamlessly integrating your Unix, Linux, Mac, Java and web platforms with Microsoft Active Directory's identity, access, and policy management services. With its patent-pending Zone technology, Centrify delivers the only solution that does not require intrusive reconfiguration of existing systems and provides the granular administrative control needed to securely manage a diverse set of systems and applications. This white paper examines the compelling business and technical case for centralizing administration in Microsoft's Active Directory, describes how DirectControl enables you to integrate Active Directory with your non-Microsoft platforms, and describes DirectControl�s architecture and benefits.

Symantec Security Update - July 2005: Worldwide and Japan 2005-09-15 03:00:04 Symantec

This white paper offers a brief summary of Internet security activity for the month of July 2005. The paper covers developments in vulnerabilities, attacks, malicious code and spam. This paper will discuss security developments in the Japan region over the past month. Symantec comprehensively tracks attack activity across the entire Internet. Over 20,000 sensors deployed in over 180 countries by Symantec DeepSight Threat Management System and Symantec Managed Security Services gather this data. The attack statistics discussed in this paper are based on attacks detected by these sensors between June 24 and July 23, 2005.

Symantec Security Update - July 2005: Worldwide and EMEA 2005-09-15 03:00:04 Symantec

This white paper offers a brief summary of Internet security activity for the month of July 2005. The paper covers developments in vulnerabilities, attacks, malicious code and spam. This paper will discuss security developments in the EMEA region over the past month. Symantec comprehensively tracks attack activity across the entire Internet. Over 20,000 sensors deployed in over 180 countries by Symantec DeepSight Threat Management System and Symantec Managed Security Services gather this data. The attack statistics discussed in this paper are based on attacks detected by these sensors between June 24 and July 23, 2005.

How to Implement Endpoint Security for Remote Users and VPNs 2005-09-13 11:17:05

As virtual private networks (VPNs) become more widely used, remote access security has become a major issue facing corporate IT departments. The Positive Networks PositivePRO VPN service provides a comprehensive managed endpoint security solution, encompassing anti-virus software, anti-spyware, firewall, critical updates, authentication, intrusion detection and more. It combines state-of-the-art endpoint security technology with a policy management system, a service-based solution model, and a support infrastructure. Download this white paper to learn more.

3Com Enterprise Product Guide 2005-11-01 11:35:50

Find out more about 3Com's Security, Convergence and Networking Solutions and Global Services in this handy 3Com Enterprise Products product guide.

An Impact Assessment Model for Distributed Adaptive Security Situation Assessment 2006-06-14 01:00:26 University of California

The goal of any intrusion detection, anti-virus, firewall or other security mechanism is not simply to stop attacks, but to protect a computing resource so that the resource can continue to perform its function. Sometimes, the efforts made to stop an attack on a resource may be as bad as the attack itself in terms of affecting the overall ability of the system to complete its mission. What is needed is a method of choosing responses to attacks on components that still allows the system to achieve its goals. This paper presents a model of computing resources and of how the loss or degradation of resources impacts the ability of a system to complete its mission.

Jump to 1 2 3 4 5 [6] 7 8 9 10

Title	Date Added	Company
A Benchmark Suite for Behavior-Based Security Mechanisms	2006-06-09 01:00:26	Northeastern University
This paper presents a benchmark suite for evaluating behavior-based security mechanisms. Behavior-based mechanisms are used to protect computer systems from intrusion and detect malicious code embedded in legitimate applications. They complement signature-based mechanisms (e.g., anti-virus products) by tackling zero-day attacks that have no signatures extracted yet, as well as polymorphous attacks that have no stable signatures. The paper presents a benchmark suite of eight programs. All of them are legitimate applications and can be infected with a variety of malevolent activities. An evaluation framework is designed to infect, disinfect, build and run the benchmark programs. This benchmark suite aims to help evaluate the effectiveness of behavior-based defense mechanisms during multiple development stages, including prototyping, testing, and normal operation.
Virus Prevention and Recovery: A TechRepublic Real World Guide	2005-12-19 15:20:44
This TechRepublic Real World Guide offers a wealth of information to help with all your antivirus efforts. It explains why today's IT organizations need a written virus protection policy and includes a policy template that you can customize for use in your own company. Learn how to prevent, stop, and clean up after a virus infection, and find out how antivirus software itself can impact your organization's disaster recovery strategy. The guide also offers two handy checklists: one for handling active e-mail virus attacks and one for preventing future infections. *Note:* This premium editorial content is underwritten by Panda Software. The registration information you provide will be shared with our sponsor.
Introduction to Intrusion Detection With Snort	2006-11-01 01:00:29	Sun Microsystems
As soon as someone discovers a new computer security vulnerability, hordes of crackers start knocking at the doors of computers worldwide to see if they can penetrate their defenses. Many sites employ a combination of border router firewalls and host-based packet filters and wrappers to protect themselves, but what if the vulnerability is in the very mechanism that's used to secure a service? How can systems administrators know that their machines are under attack and/or have been compromised? The best way to catch the crackers in the act is to use an Intrusion Detection System (IDS). After a brief discussion of IDS, this paper focuses on a pattern-matching network-based IDS, Snort.
A Survey on Attacks and Countermeasures in Mobile Ad Hoc Networks	2006-05-10 01:00:28	Springer Science+Business Media
Security is an essential service for wired and wireless network communications. The success of Mobile Ad hoc NETworks (MANET) strongly depends on people's confidence in its security. However, the characteristics of MANET pose both challenges and opportunities in achieving security goals, such as confidentiality, authentication, integrity, availability, access control, and non-repudiation. This paper provides a survey on attacks and countermeasures in MANET. The countermeasures are features or functions that reduce or eliminate security vulnerabilities and attacks. First, the paper gives an overview of attacks according to the protocols stacks, and to security attributes and mechanisms, and then the paper presents preventive approaches following the order of the layered protocol stacks.
Centralized Identity and Policy Management for Windows, Linux, Unix, Mac and Java with Active Directory and DirectControl	2006-01-26 11:06:54
Centrify enables a secure, connected computing environment by seamlessly integrating your Unix, Linux, Mac, Java and web platforms with Microsoft Active Directory's identity, access, and policy management services. With its patent-pending Zone technology, Centrify delivers the only solution that does not require intrusive reconfiguration of existing systems and provides the granular administrative control needed to securely manage a diverse set of systems and applications. This white paper examines the compelling business and technical case for centralizing administration in Microsoft's Active Directory, describes how DirectControl enables you to integrate Active Directory with your non-Microsoft platforms, and describes DirectControl�s architecture and benefits.
Symantec Security Update - July 2005: Worldwide and Japan	2005-09-15 03:00:04	Symantec
This white paper offers a brief summary of Internet security activity for the month of July 2005. The paper covers developments in vulnerabilities, attacks, malicious code and spam. This paper will discuss security developments in the Japan region over the past month. Symantec comprehensively tracks attack activity across the entire Internet. Over 20,000 sensors deployed in over 180 countries by Symantec DeepSight Threat Management System and Symantec Managed Security Services gather this data. The attack statistics discussed in this paper are based on attacks detected by these sensors between June 24 and July 23, 2005.
Symantec Security Update - July 2005: Worldwide and EMEA	2005-09-15 03:00:04	Symantec
This white paper offers a brief summary of Internet security activity for the month of July 2005. The paper covers developments in vulnerabilities, attacks, malicious code and spam. This paper will discuss security developments in the EMEA region over the past month. Symantec comprehensively tracks attack activity across the entire Internet. Over 20,000 sensors deployed in over 180 countries by Symantec DeepSight Threat Management System and Symantec Managed Security Services gather this data. The attack statistics discussed in this paper are based on attacks detected by these sensors between June 24 and July 23, 2005.
How to Implement Endpoint Security for Remote Users and VPNs	2005-09-13 11:17:05
As virtual private networks (VPNs) become more widely used, remote access security has become a major issue facing corporate IT departments. The Positive Networks PositivePRO VPN service provides a comprehensive managed endpoint security solution, encompassing anti-virus software, anti-spyware, firewall, critical updates, authentication, intrusion detection and more. It combines state-of-the-art endpoint security technology with a policy management system, a service-based solution model, and a support infrastructure. Download this white paper to learn more.
3Com Enterprise Product Guide	2005-11-01 11:35:50
Find out more about 3Com's Security, Convergence and Networking Solutions and Global Services in this handy 3Com Enterprise Products product guide.
An Impact Assessment Model for Distributed Adaptive Security Situation Assessment	2006-06-14 01:00:26	University of California
The goal of any intrusion detection, anti-virus, firewall or other security mechanism is not simply to stop attacks, but to protect a computing resource so that the resource can continue to perform its function. Sometimes, the efforts made to stop an attack on a resource may be as bad as the attack itself in terms of affecting the overall ability of the system to complete its mission. What is needed is a method of choosing responses to attacks on components that still allows the system to achieve its goals. This paper presents a model of computing resources and of how the loss or degradation of resources impacts the ability of a system to complete its mission.

Security

Featured Whitepapers

Member Login

10 million IT Folks can't be wrong with their server choice.

Oracle Technology Solutions for Midsize Businesses

Country Report: India