The March of IDES: Early History of Intrusion-Detection Expert Systems

As part of a broader prehistory and history of early intrusion-detection systems (IDSs), this article focuses on the first such system, Intrusion Detection Expert System (IDES), which was developed in the second half of the 1980s at SRI International (and SRI's follow-on Next Generation Intrusion Detection Expert System, or NIDES, in the early-to-mid 1990s). It also briefly recounts other early IDSs and the National Security Agency's Computer Misuse and Anomaly Detection (CMAD) Program, and it analyzes the disproportionately high contributions of women scientists to leadership in IDS research and development relative to other computer security specialties.

[1]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[2]  Dorothy E. Denning,et al.  Secure information flow in computer systems. , 1975 .

[3]  James N. Menendez,et al.  A Guide to Understanding Audit in Trusted Systems , 1988 .

[4]  Harry M. Collins,et al.  Artificial experts - social knowledge and intelligent machines , 1990, Inside technology.

[5]  J. F. McClary,et al.  NADIR: An automated system for detecting network intrusion and misuse , 1993, Comput. Secur..

[6]  Willis H. Ware,et al.  Security and privacy in computer systems , 1899, AFIPS '67 (Spring).

[7]  T. Misa Gender Codes: Why Women Are Leaving Computing , 2010 .

[8]  Joshua Lederberg,et al.  How DENDRAL was conceived and born , 1987, HMI '87.

[9]  Eugene H. Spafford James P. Anderson: An Information Security Pioneer , 2008, IEEE Security & Privacy Magazine.

[10]  Alfonso Valdes,et al.  Next-generation Intrusion Detection Expert System (NIDES)A Summary , 1997 .

[11]  Peter G. Neumann,et al.  Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy , 2010, IEEE Symposium on Security and Privacy.

[12]  Peter G. Neumann,et al.  EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances , 1997, CCS 2002.

[13]  Giovanni Vigna,et al.  Intrusion detection: a brief history and overview , 2002 .

[14]  Lee E. Smith,et al.  Oral History , 1983 .

[15]  B. Blum,et al.  History of Medical Informatics , 1990, Yearbook of Medical Informatics.

[16]  Joshua Lederberg How DENDRAL was conceived and born , 1990 .

[17]  A. C. Lear Axent's rob clyde: why you need intrusion detection , 2000 .

[18]  Bruce G. Buchanan,et al.  The MYCIN Experiments of the Stanford Heuristic Programming Project , 1985 .

[19]  Marc Dacier,et al.  Intrusion detection , 1999, Comput. Networks.

[20]  Dorothy E. Denning,et al.  The SeaView security model , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[21]  H. Javitz,et al.  Detecting Unusual Program Behavior Using the Statistical Component of the Next-generation Intrusion Detection Expert System ( NIDES ) 1 , 1997 .

[22]  Virgil D. Gligor,et al.  Design and Implementation of Secure Xenix , 1987, IEEE Transactions on Software Engineering.

[23]  S. E. Smaha Haystack: an intrusion detection system , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[24]  Bernard Peters,et al.  Security considerations in a multi-programmed computer system , 1967, AFIPS '67 (Spring).

[25]  Garrel Pottinger,et al.  Mathematics, Technology, and Trust: Formal Verification, Computer Security, and the U.S. Military , 1997, IEEE Ann. Hist. Comput..

[26]  F. Meade A Guide to Understanding Audit in Trusted Systems , 1988 .