Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems. The first contribution is an abstraction-based approach to addressing heterogeneity and autonomy of distributed environments. The second contribution is a formal framework for modeling requests among cooperative IDSs and its application to Common Intrusion Detection Framework (CIDF). The third contribution is a novel approach to coordinating different IDSs for distributed event correlation.

This book discusses fundamental security issues in wireless sensor networks, techniques for the protection of such networks, as well as results from recent studies in wireless sensor network security. It contains example applications for target tracking, scientific exploration and data acquisition in hazardous environments, and includes a fairly new study on capabilities of mu-TESLA, a broadcast authentication technique for wireless sensor networks. The book assists both professionals and students to understand background knowledge in wireless sensor network security and prepare them for producing research in this domain.

This book constitutes the proceedings of the 14th European Symposium on Research in Computer Security, ESORICS 2009, held in Saint-Malo, France, in September 2009.

The 42 papers included in the book were carefully reviewed and selected from 220 papers. The topics covered are network security, information flow, language based security, access control, privacy, distributed systems security, security primitives, web security, cryptography, protocols, and systems security and forensics.

This book constitutes the refereed proceedings of the 8th International Conference on Information and Communications Security, ICICS 2006, held in Raleigh, NC, USA, December 2006. The 22 revised full papers and 17 revised short papers cover security protocols, applied cryptography, access control, privacy and malicious code, network security, systems security, cryptanalysis, applied cryptography and network security, and security implementations.

Wireless sensor networks have recently received a high level of attention due to their wide applications in military and civilian operations. Security for Wireless Sensor Networks discusses fundamental security issues in wireless sensor networks, techniques for the protection of such networks, as well results from recent studies in wireless sensor network security. This volume assists both professionals and students to understand background knowledge in wireless sensor network security and prepare them for producing research in this domain. Security for Wireless Sensor Networks is designed for a professional audience composed of researchers and practitioners in industry. This book is also suitable as a secondary text for graduate-level students in computer science.

Intrusion detection systems (IDS) are usually deployed along with other preventive security mechanisms, such as access control and authentication, as a second line of defense that protects information systems. Intrusion detection complements the protective mechanisms to improve the system security. Moreover, even if the preventive security mechanisms can protect information systems successfully, it is still desirable to know what intrusions have happened or are happening, so that the users can understand the security threats and risks and thus be better prepared for future attacks. Intrusion detection techniques are traditionally categorized into two classes: anomaly detection and misuse detection. Anomaly detection is based on the normal behavior of a subject (a user or a system); any action that significantly deviates from the normal behaviour is considered intrusive. Misuse detection catches intrusions in terms of characteristics of known attacks or system vulnerabilities; any action that conforms to the pattern of known attack or vulnerability is considered intrusive. and network based IDSs according to the source of the audit information used by each IDS. Host-based IDSs get audit data from host audit trails and usually aim at detecting attacks against a single host; distributed IDSs gather audit data from multiple hosts and possibly the network and connects the hosts, aiming at detecting attacks involving multiple hosts; network-based IDSs use network traffic as the audit data source, relieving the burden on the hosts that usually provide normal computing services. Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems. The first contribution is an abstraction-based approach to addressing heterogeneity and autonomy of distributed environments. The second contribution is a formal framework for modelling requests among co-operative IDSs and its application to Common Intrusion Detection Framework (CIDF). The third contribution is a novel approach to coordinating different IDSs for distributed event correlation.