A very significant challenge remains for IDS designers to fuse sensor, threat, and situational information from numerous heterogeneous distributed agents, system managers, and databases. Coherent pictures which can be used by network controllers to visualize and evaluate the security of network are required today. The basic principles how the art and science of multisensor data fusion applied to future ID systems to create highly reliable next generation intrusion detection systems which identify, track, and assess complex threat situations have been identified.
Papers on these subjects may have been published and it would be great to the emphasis on network security in a more productive R&D direction. Here is a link to one these papers, published in CACM:
Intrusion Detection Systems & Multisensor Data Fusion, Communications of the ACM, pp. 99-105, Vol. 43, No. 4, April 2000 - download the PDF.
Until we, the security community, began to build next generation systems and stop worrying about kiddy scripts and low-level hacks, the growth of technology and autoscripting attacks and hacks will far outpace the ability of historical IDS systems. We must turn our attention to data fusion, data mining hierarchical models and defocus on the low-level tactical hack. As long as the community is focused on the sensationalism of low-priority 'noise' our vast brain and community power is critically disorganized. In a nutshell, we are fighting nats in a forest of weeds and thistle growing at exponential rates. As long as we focus on the nats, we will never prepare the garden of the more serious threats of the future.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.