Some of these books directly address Intrusion Detection and Prevention, while others provide insight into the subtleties of detecting malicious, anomalous, or inappropriate activity.
IDS/IPS
- Snort Intrusion Detection and Prevention Toolkit
- by Brian Caswell, Jay Beale, Andrew Baker
- ISBN-10: 1597490997
- February 2007
- Intrusion Alert: An Ethical Hacking Guide to Intrusion Detection
- by Ankit Fadia
- ISBN-10: 1598634143
- July 2007
- Extrusion Detection: Security Monitoring for Internal Intrusion
- by Richard Bejtlich
- ISBN-10: 0321349962
- November 2005
- Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
- by Michal Zalewski
- ISBN-10: 1593270461
- April 2005
- Host Integrity Monitoring Using Osiris and Samhain
- by Brian Wotring, Bruce Potter, Marcus Ranum
- ISBN-10: 1597490180
- May 2005
- Intrusion Prevention and Active Response: Deploying Network and Host IPS
- by Michael Rash, Angela D. Orebaugh, Graham Clark, Becky Pinkard, Jake Babbin
- ISBN-10: 193226647X
- April 2005
- Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network
- by Michael Gregg
- ISBN-10: 1597491098
- October 2006
- Network Intrusion Detection (3rd Edition)
- by Stephen Northcutt, Judy Novak
- ISBN-10: 0735712654
- September 2002
- Intrusion Prevention Fundamentals
- by Earl Carter, Jonathan Hogue
- ISBN-10: 1587052393
- January 2006
- Advanced Host Intrusion Prevention with CSA
- by Chad Sullivan, Jeff Asher, Paul Mauvais
- ISBN-10: 1587052520
- May 2006
Understanding Network Protocols
- The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference
- by Charles Kozierok
- ISBN-10: 159327047X
- March 2005
- Running IPv6
- by Iljitsch van Beijnum
- ISBN-10: 1590595270
- November 2005
Understanding Malicious Code
- Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)
- by Edward Skoudis, Tom Liston
- ISBN-10: 0131481045
- January 2006
- Malware: Fighting Malicious Code
- by Ed Skoudis, Lenny Zeltser
- ISBN-10: 0131014056
- November 2003
General
- The Tao of Network Security Monitoring: Beyond Intrusion Detection
- by Richard Bejtlich
- ISBN-10: 0321246772
- July 2004
- Virtual Honeypots: From Botnet Tracking to Intrusion Detection
- by Niels Provos, Thorsten Holz
- ISBN-10: 0321336321
- July 2007
- Extreme Exploits: Advanced Defenses Against Hardcore Hacks
- by Victor Oppleman, Oliver Friedrichs, Brett Watson
- ISBN-10: 0072259558
- July 2005
Know Your Enemy
- LAN Switch Security: What Hackers Know About Your Switches
- by Eric Vyncke, Christopher Paggen
- ISBN-10: 1587052563
- September 2007
- The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
- by Mark Dowd, John McDonald, Justin Schuh
- ISBN-10: 0321444426
- November 2006
- Hacker's Challenge 3 (Hacking Exposed)
- by David Pollino, Bill Pennington, Tony Bradley, Himanshu Dwivedi
- ISBN-10: 0072263040
- April 2006
- Penetration Tester's Open Source Toolkit
- by Charl Van Der Walt, HD Moore, Roelof Temmingh, Haroon Meer, Johnny Long, Chris Hurley, James Foster
- ISBN-10: 1597490210
- June 2005
- Network Security Assessment: Know Your Network
- by Chris McNab
- ISBN-10: 0596510306
- November 2007
- Security Warrior
- by Cyrus Peikari, Anton Chuvakin
- ISBN-10: 0596005458
- February 2004
- Hacking Exposed Cisco Networks (Hacking Exposed)
- by Andrew Vladimirov, Konstantin Gavrilenko, Andrei Mikhailovsky
- ISBN-10: 0072259175
- December 2005
Honorable Mention
- Security Metrics: Replacing Fear, Uncertainty, and Doubt
- by Andrew Jaquith
- ISBN-10: 0321349989
- April 2007
