- Intrusion Detection FAQ
- Frequently asked questions about intrusion detection, from the SANS Institute. - An Introduction to Intrusion Detection Systems - Detailed introductory guide to intrusion detection systems, both host and network-based. The Dragon IDS Suite is used to demonstrate usage principles.
- IDS Evasion Techniques (Security Focus) - Explanations of basic IDS evasion techniques as well as suggested fixes and countermeasures to such attacks. Topics covered include basic string-matching weaknesses, polymorphic shell code, session splicing, fragmentation attacks, and denial of service attacks.
- Network-based intrusion-detection systems - IDS coverage from Network World, including an in-depth review of eight IDS products, tips for deployment and false alarm reduction, terminology glossary, and related news stories.
- Raffael Marty: Intrusion Detection Resources - A good overall collection of IDS resources including links to log analysis, honeypot, and other useful tools. Also includes information regarding the THOR and Odin IDS projects.
- Rules Definition for an Anomaly-Based IDS Solution - Information Security documentation, including a paper describing how to effectively use rule-based NIDS to perform anomaly intrusion detection. [PDF]
