Chapter 5

Current Network Security

In a recent National Geographic Channel video presentation titled On Board Air Force One, Colonel Mark Tillman, who flew Air Force One with the President on board on September 11, 2001, was interviewed. In that interview, Colonel Tillman said of 9/11:

Sadly they beat us. The terrorists beat us. I am ready to admit it hands down, they beat us. So, we had to change everything to make sure they wouldn't beat us again.

As a result of 9/11, much has been done. Among the many changes: the Department of Homeland Security (DHS) was formed, we have decimated much of the al-Qaeda leadership, and we are fighting a global war against the terrorism that led to 9/11. However, we as a nation truly remain under serious cyber attack. Far less has been accomplished in forming an improved and proactive cyber attack defense. Continued attacks are swift, effective, and in some cases crippling. The attacks originate from malicious attackers inside our country, as well as from foreign sources and adversaries, and our defense simply is not getting better. Losses, as measured by the effects of actual disruption of network operations or the loss of classified or proprietary information, are obvious and fly in the face of promised protection.

This chapter is focused on the truthful evaluation of the effectiveness with which current network intrusion detection technologies protect our networks and prevent unauthorized access and damage. Basic network protection concepts ...

Get Predicting Malicious Behavior: Tools and Techniques for Ensuring Global Security now with the O’Reilly learning platform.