The new book - Intrusion Detection - by best selling computer security author Edward Amoroso introduces a fascinating security technique for catching Internet crackers in real time. The book outlines critical issues in intrusion detection including techniques for Internet surveillance, correlation, trace back, honey pot traps, and incident response. The book includes hundreds of illustrations and provides case studies from popular commercial systems. An annotated biliography and index is included.
Book Description
Editorial Reviews
About the Author
Dr. Edward Amoroso is Chief Technical Officer of the Information Security Center at AT&T Laboratories in New Jersey. He is author of Fundamentals of Computer Security Technology (Prentice-Hall, 1994) and PCWeek Internet and Intranet Firewall Strageies, with Ron Sharp (Ziff-Davis, 1996). He holds faculty appointments at the Stevens Institute of Technology and Monmouth University and is a frequent lecturer around the world on Internet security.
Product Details
Would you like to update product info or give feedback on images?
|
More About the Author
Discover books, learn about writers, read author blogs, and more.
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
20 of 20 people found the following review helpful:
4.0 out of 5 stars
Good theoretical approach,
By
This review is from: Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response (Paperback)
This book is not intended as a practitioner's handbook--that is what Northcutt's book is for. Amoroso's book is used as a text in his graduate classes.If you want to understand the subject from a conceptual level, this book succeeds admirably. It is a bit dry, but acceptably so. Given that Amoroso has taught the subject several times, the organization is logical. The sources are extensive (although other academics who have performed research in this area complain that several important references are missing). Don't expect to be able to build an intrusion detection system after reading this book, but if you want an in-depth understanding of the subject, you should probably read it.
24 of 26 people found the following review helpful:
3.0 out of 5 stars
Useful as a college text, but not for front-line analysts,
By
This review is from: Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response (Paperback)
I am responsible for a 50+ person intrusion detection mission, and I read this book in August 1999. Had I not read Stephen Northcutt's "Network Intrusion Detection," I may not have given Dr. Amoroso's work three stars. Unfortunately, by catering to a niche audience (probably graduate students), this book is not very helpful to folks under fire from malicious Internet users. Dr. Amoroso is very respected in the field, but I would have preferred less process charts and taxonomy descriptions. The publisher does a disservice by stating on the back cover "System administrators, programmers, system and software engineers, and managers of technology will find this book invaluable." Had the book been advertised as a college text, I would have been less critical. Sorry Dr. Amoroso -- I look forward to your next book, though!
13 of 14 people found the following review helpful:
5.0 out of 5 stars
A well focused taxonomy of intrusion detection,
By A Customer
This review is from: Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response (Paperback)
I came across this book as a required text for Dr. Amoroso's graduate course, Software System Security (SE513), at Monmouth University. The book is well organized into eight chapters that give you the primary definitions in chapter one. In chapter two the methods of intrusion detection, such as audit trail processing, are intorduced. The author then procedes to the architecture of intrusion detection in chapter 3. The taxonomy of intrusion detection systems in chapter four helps one categorize the different types of intrusions that are possible. All kinds of intrusions are considered whether they result from a software vulnerability or a physical facility security breach. Even if the reader were to put the book down at this point he or she would have a good conversational knowledge of what intrusions are and why it is hard to implement thorough and efficient intrusion detection systems. The material in chapter five on Internet Identity was easy to understand yet exact in its descriptions. Topics such as browser cookies which every novice should be aware of right up to the UNIX samuri techniques of the "finger program" and "trace back" were covered. I believe the material in chapter five alone would make an interesting short course in internet security for users at all levels. The most interesting chapter in the second half of the book is chapter seven on internet traps and honey pots, which are used to catch "crackers". In general, I found the book quite useful for suggesting possible research topics. The research topic I found most interesting was the denial of service attacks, which inspired me to do a paper on the principles of writing effective macro viruses.
Share your thoughts with other customers: Create your own review
|
|
Tags Customers Associate with This Product(What's this?)Click on a tag to find related items, discussions, and people.
|
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
