You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Context-Based Intrusion Detection Using Snort, Nessus and Bugtraq Databases

Tags:
network security

Overview Intrusion Detection Systems (IDS) use different techniques to reduce the number of false positives they generate. Simple network context information such as the communication session state has been added in IDS signatures to only raise alarms in the proper context. However, this is often not sufficient and more network context information needs to be added to these Stateful IDS (SIDS) signatures to reduce the number of false positives. IDS are also used with other network monitoring systems such as Vulnerability Detection Systems (VDS) and vulnerability databases in centralized correlation systems to determine the importance of an alarm. The correlation mechanism relies on the accuracy of a standardized relationship between IDS signatures, VDS signatures and the vulnerability databases.

Further White Paper Details
Publisher	Carleton University	File Format	PDF
Date Published	July 2005
Format	White Papers
Topics	Network Security, Security Tools, Intrusion Detection Systems

Did you find this white paper useful? 4 out of 4 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Security: New strides in preventing intrusions.

Publisher:
IBM

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

Woods Services Gains Advanced Web Filtering Technology with Bloxx

Publisher:
Bloxx

Tags:
network security

Signing up the competition - have digital signatures met their match?

There are around eighteen other hacker detection products on the market, and they are all based on signatures. Digital signatures may have hit the headlines for securing ecommerce transactions, but in more traditional security fields, they are...

Channel:
Comment & Analysis

CyberSafe partners Network Ice for advanced IDS

The product uses protocol analysis techniques instead of comparing packets to a database of existing signatures. The vendors claim that the packet dropping problem, often the shortcoming of IDS, is minimised with CentraxICE because the software...

Channel:
Security Strategy

Symantec launches multiple threat protection

It features a single update mechanism which automatically updates virus definitions, firewall rules and intrusion detection signatures. The product, called Symantec Client Security, features firewall, anti-virus and intrusion detection system (IDS...

Channel:
Security Strategy

Cisco battles Juniper with worms

Many intrusion prevention solutions have suffered from a high rate of false positives, causing some non-threatening traffic to be dropped. Platon said the company is also working to extend its intrusion detection technology, which is already...

Channel:
Security Strategy

Lack of "balls" in Whitehall will hinder ID cards

Neville-Jones added there is a very real danger of disenfranchising innocent people with 'false positives' - people being told they aren't who they say they are. She said: "The requirement for 100 per cent accuracy is huge and I don't think we've...

VeriSign enterprise security tool comes to Europe

Because they're in different silos, individual teams can't have complete context about whether a vulnerability is an issue outside their remit, or in another part of the organisation. He said: "We have built network context on top of vulnerability...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Network Security White Papers

Context-Based Intrusion Detection Using Snort, Nessus and Bugtraq Databases

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific