Intrusion Detection FAQ: Books on or related to Intrusion Detection and Prevention

< Previous Question | Back to Intrusion Detection FAQ Home | Next Question >

Some of these books directly address Intrusion Detection and Prevention, while others provide insight into the subtleties of detecting malicious, anomalous, or inappropriate activity.

IDS/IPS

Snort Intrusion Detection and Prevention Toolkit: by Brian Caswell, Jay Beale, Andrew Baker; ISBN-10: 1597490997; February 2007
Intrusion Alert: An Ethical Hacking Guide to Intrusion Detection: by Ankit Fadia; ISBN-10: 1598634143; July 2007
Extrusion Detection: Security Monitoring for Internal Intrusion: by Richard Bejtlich; ISBN-10: 0321349962; November 2005
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks: by Michal Zalewski; ISBN-10: 1593270461; April 2005v
Host Integrity Monitoring Using Osiris and Samhain: by Brian Wotring, Bruce Potter, Marcus Ranum; ISBN-10: 1597490180; May 2005
Intrusion Prevention and Active Response: Deploying Network and Host IPS: by Michael Rash, Angela D. Orebaugh, Graham Clark, Becky Pinkard, Jake Babbin; ISBN-10: 193226647X; April 2005
Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network: by Michael Gregg; ISBN-10: 1597491098; October 2006
Network Intrusion Detection (3rd Edition): by Stephen Northcutt, Judy Novak; ISBN-10: 0735712654; September 2002
Intrusion Prevention and Active Response: Deploying Network and Host IPS: by Michael Rash, Angela D. Orebaugh, Graham Clark, Becky Pinkard, Jake Babbin; ISBN-10: 193226647X; April 2005
Intrusion Prevention Fundamentals: by Earl Carter, Jonathan Hogue; ISBN-10: 1587052393; January 2006
Advanced Host Intrusion Prevention with CSA: by Chad Sullivan, Jeff Asher, Paul Mauvais; ISBN-10: 1587052520; May 2006

Understanding Network Protocols

The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference: by Charles Kozierok; ISBN-10: 159327047X; March 2005
Running IPv6: by Iljitsch van Beijnum; ISBN-10: 1590595270; November 2005

Understanding Malicious Code

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition): by Edward Skoudis, Tom Liston; ISBN-10: 0131481045; January 2006
Malware: Fighting Malicious Code: by Ed Skoudis, Lenny Zeltser; ISBN-10: 0131014056; November 2003

General

The Tao of Network Security Monitoring: Beyond Intrusion Detection: by Richard Bejtlich; ISBN-10: 0321246772; July 2004
Virtual Honeypots: From Botnet Tracking to Intrusion Detection: by Niels Provos, Thorsten Holz; ISBN-10: 0321336321; July 2007
Extreme Exploits: Advanced Defenses Against Hardcore Hacks: by Victor Oppleman, Oliver Friedrichs, Brett Watson; ISBN-10: 0072259558; July 2005

Know Your Enemy

LAN Switch Security: What Hackers Know About Your Switches: by Eric Vyncke, Christopher Paggen; ISBN-10: 1587052563; September 2007
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities: by Mark Dowd, John McDonald, Justin Schuh; ISBN-10: 0321444426; November 2006
Hacker's Challenge 3 (Hacking Exposed): by David Pollino, Bill Pennington, Tony Bradley, Himanshu Dwivedi; ISBN-10: 0072263040; April 2006
Penetration Tester's Open Source Toolkit: by Charl Van Der Walt, HD Moore, Roelof Temmingh, Haroon Meer, Johnny Long, Chris Hurley, James Foster; ISBN-10: 1597490210; June 2005
Network Security Assessment: Know Your Network: by Chris McNab; ISBN-10: 0596510306; November 2007
Security Warrior: by Cyrus Peikari, Anton Chuvakin; ISBN-10: 0596005458; February 2004
Hacking Exposed Cisco Networks (Hacking Exposed): by Andrew Vladimirov, Konstantin Gavrilenko, Andrei Mikhailovsky; ISBN-10: 0072259175; December 2005