Table of contents

Slide 1

Intrusion Detection Systems

Network Based IDS

Host Based IDS

Indication and Warning Methodology

I&W Recent History

I &W Warnings

I &W Warnings (cont'd)

War on Cyber Crime

Security Indications and Warnings

Indicators

Indicators (cont'd)

Event Categories

Event Categories (cont'd)

Barriers

Boundaries

Barriers and Boundaries

Level of Significance

SIW Approach

Policy Statement #1

Policy Statement #2

Policy Statement #3

Statement #1 Responses

Statement #1 Responses (cont'd)

Statement #2 Responses

Statement #3 Responses

Defining Barriers

Barrier Breakdown

Barrier Breakdown (cont'd)

Boundary Breakdown

Rule Generation

Sample Rules

Sample Rules (cont'd)

Rule Threshold

Refined Equation

Advantages

Disadvantages

Summary