Outline for June 2, 2005

  1. IDS Models
    1. Anomaly detection
    2. Misuse modeling
    3. Specification modeling
  2. Architecture
    1. Agent
    2. Director
    3. Notifier
  3. Organization of IDS
    1. Monitoring network traffic
    2. Combining host and network monitoring
    3. Autonomous agents
  4. Intrusion Response
    1. Prevention
    2. Handling
      1. Containment phase
      2. Eradication phase
      3. Follow-up phase

