Enterprise-wide Security Attack Detection

With the growing number of security incidents, a requirement is to provide adequate security protection to computer networks. To protect computer networks from security attacks, a current approach is to deploy countermeasures, such as firewalls at the network perimeter, intrusion detection systems (IDSes) within the network and virus scanners on end user systems. Whilst these countermeasures provide a degree of protection, they struggle to detect emerging security threats. Emerging security attacks appear to be distributed and coordinated, while the defences offered by these countermeasures operate in isolation from one another. Each countermeasure possesses only fragments of evidence about the overall state of the network and consequently its response may be both delayed and limited in scope.

To accurately detect enterprise-wide security attacks that are perceived on various networks today or on multiple complex security domains an integrated security framework is proposed, discussed and tested. This innovative security framework is well presented in this book – “Security Framework for Attack Detection in Computer Networks”. This well written book is highly recommended for all security practitioners, analysts, consultants, engineers and decision makers at various levels.