CIRT and other Incident sources of information

June 6, 2010

Audit Evidence Requirement. IS Auditing Guideline. Information Systems Audit and Control

Computer Security Incident Handling: Step-by-Step. System Administration Networking and Security (SANS) Institute Publications.

Computer Security Incident Response Policy. The Center for Information Technology.

Detecting Signs of Intrusion. CERT Coordination Center. Carnegie Mellon Software

Prepare to respond to intrusions. CERT Coordination Center.

Responding to Intrusions. CERT Coordination Center.

Incident Reporting Guidelines. CERT Coordination Center.

NSA Glossary of Terms Used in Security and Intrusion Detection by Greg Stocksdale

How to Form a Skilled Computer Incident Response Team by Peter Stephenson

Handbook for Computer Security Incident Response Teams (CSIRTs) by Moira J. West-Brown, Don Stikvoort, and Klaus-Peter Kossakowski.

Forming an Incident Response Team by Danny Smith

Establish policies and procedures for responding to intrusions. CERT Coordination Center.

Expectations for Computer Security Incident Response. The Internet Society.

Responding to Intrusions by Klaus-Peter Kossakowski

List of Security Tools. CERT Coordination Center.

Network Intrusion Detection: An Analyst’s Handbook by Stephen Northcutt

Biermann, E., Cloete, E. and Venter, L. (2001). A Comparison of Intrusion Detection Systems. Computers & Security

ClickZ Stats Staff, Population Explosion, (2005), Available at: http://www.clickz.com/stats/sectors/geographics/article.php/5911_151151

CERT® Coordination Center, (2005) CERT Coordination Center Statistics 1988-2003, Available at: http://www.cert.org/stats/cert_stats.html

Debar H., Dacier M., Wespi A., (1999) Towards a taxonomy of intrusion detection systems, Computer Networks

Lippmann R., et al., (1998) Evaluating Intrusion Detection Systems, The 1998 DARPA Off-line Intrusion Detection Evaluation. First International Workshop on Recent Advances in Intrusion Detection (RAID), Louvain-la-Neuve, Belgium

Lunt, T. (1993) A survey of intrusion detection techniques, Computers and Security

Morakis, E., Vidalis, A., Blyth, A. J.C. (2003a). Measuring Vulnerabilities and their Exploitation Cycle, Elsevier Information Security Technical Report, Vol. 8, No. 4

Morakis, E., Vidalis, S., Blyth, A.J.C. (2003b). A Framework for Representing and Analysing Cyber Attacks Using Object Oriented Hierarchy Trees. Second European Conference in Information Warfare, UK, pp235-246