[转载]CERIAS Intrusion Detection

信息来源：邪恶八进制信息安全团队（www.eviloctal.com）

http://www.cerias.purdue.edu/abo ... ntrusion_detection/

Introduction
This site is a listing of many of the internet resources associated with Intrusion Detection. The list is divided into sections to make finding information easier.

It would be great if all our computer systems were totally secure but, unfortunately, they are not and will not be anytime soon. And even if they were, there is always the possibility of an authorized user misusing his or her privileges. The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts.