The Cooperative Intrusion Detection Evaluation and Response project is an effort of NSWC Dahlgren, NFR, NSA, the SANS community and other interested parties to locate, document, and improve security software.

Perdue University's clearinghouse for intrusion detection information. Includes overviews, policy, detection methods, and tools.

Aims to develop protocols and application programming interfaces so that intrusion detection research projects can share information and resources and so that intrusion detection components can be reused in other systems.

Four examples of how we are applying ideas from immunology to today's computer security problems are a host based intrusion-detection method, a network based intrusion-detection system, a distributable change-detection algorithm, and a method for intentionally introducing diversity to reduce vulnerability.

A Data Mining Approach for Building Cost-sensitive and Light Intrusion Detection Models

Emeral represents state-of-the art in research and development of systems and components for anomaly and misuse detection in computer systems and networks.

INBOUNDS is a network-based, real-time, hierarchical intrusion detection system being developed at Ohio University. INBOUNDS detects suspicious behavior by scrutinizing network information generated by Tcprace, and host data gathered by the monitors of DeSiDeRaTa. INBOUNDS functions in a heterogeneous environment with fault tolerance, very low overhead, and a high degree of scalability.

Selected articles and papers related to intrusion detection research.

Information Assurance focusing on techniques for detecting and reacting to intrusions into networked information systems. We have coordinated several evaluations of computer network intrusion detection systems.

The purpose of the Intrusion Detection Working Group is to define data formats and exchange procedures for sharing information of interest to intrusion detection and response systems, and to management systems which may need to interact with them. The Intrusion Detection Working Group will coordinate its efforts with other IETF Working Groups.

This project is a data-mining based approach to detecting intruders in computer systems. The project approaches the intrusion detection problem from a data-mining perspective. Large quantities of data are collected from the system and analyzed to build models of normal behavior and intrusion behavior. These models are evaluated on data collected in real time to detect intruders.

Anomaly Detection in Database Systems, Common Intrusion Detection Framework, Intrusion Detection and Isolation Protocol / IDIP, Intrusion Detection for Large Networks, Misuse Detection and Workshop for Intrusion Detection and Response Data Sharing.

The Intrusion Detection (ID) Research Group at NC State University was formed by Dr. Peng Ning in August 2002.

A group mailing focusing on security information management, intrusion response, intrusion detection, intrusion prevention, intrusion management and honeynets/honeypots.

A mission-impact-based approach to INFOSEC alarm correlation.

Research project focused on the development of high performance data mining algorithms and tools that will provide support required to analyze the massive data sets generated by various processes that monitor computing and information systems.

Mobile Agent Intrusion Detection System (MAIDS) design and implementation research at Iowa State University.

This homepage provides general information about IDSs as well as specific information about the project 'OtO'.

The RAID workshop series is an annual event dedicated to the sharing of information related to the intrusion-detection area.

International Symposium on Recent Advances in Intrusion Detection. Held in conjunction with ESORICS 2004, September 15-17, 2004. The RAID International Symposium series is intended to advance the field of intrusion detection by promoting the exchange of ideas on a broad range of topics, bringing together leading experts from academia, government, and industry to discuss state-of-the-art intrusion detection technologies and issues from research and commercial perspectives.

The Reliable Software Group (RSG) works on languages and tools for designing, building, and validating software systems. Specific areas that the group has targeted include concurrent and real-time systems. We are also investigating techniques for increasing the security of computer systems, with particular emphasis on analyzing encryption protocols using machine aided formal verification techniques, modeling and analyzing covert channels, modeling and detecting computer intrusions, analyzing mobile code and Web browsers for security violations, and approaches to secure Internet computing with unsecure applications.

ResearchIndex is a scientific literature digital library that aims to improve the dissemination and feedback of scientific literature, and to provide improvements in functionality, usability, availability, cost, comprehensiveness, efficiency, and timeliness.

Research focuses on methods of improving the technical approach of identifying and preventing security flaws, limiting the damage from attacks, and ensuring that systems continue to provide essential services despite of compromises or failures.

Research institute actively involved in intrusion-detection research since 1983. Research focuses on EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances, a system designed to detect and respond to network attacks.

Hummer is a distributed component for any Intrusion Detection System ; Magpie is a hierarchical network of lightweight, mobile, and adaptive tools designed to both investigate and guard against intrusions.

Research project that utilizes network attack variations to make more precise statements about the detection capabilities of an IDS.