This isn't exactly an academic text, but it's a step removed from the sorts of play-by-play descriptions of attacks and defenses you'll find in Stephen Northcutt's security books--reference is made to those books, as a matter of fact. This hardback volume explains the appearance of various kinds of attacks in broad terms, and shows how intrusion detection systems (IDS) can spot and record the clues (Windows NT security log entries are often used as examples). The text is conversational and liberally studded with bulleted definitions, boxed case studies, and references to Web sites and paper documents. While a working security administrator would probably want to back this book with one of Northcutt's texts and other more detailed books, The Practical Intrusion Detection Handbook makes an excellent choice for a student of business management who wants to be more than minimally informed about the operation of corporate information systems, so as to make better decisions about those systems. --David Wall
Topics covered: Intrusion detection systems (IDS) for whole networks as well as for individual computers, with emphasis on how intrusion detection works and how to configure it for maximum effectiveness and minimum false alarms. Establishing policies and setting procedures, and ways to choose IDS products and justify their purchase to management.