CERIAS - Center for Education and Research in Information Assurance and Security

Purdue University - Discovery Park

Trends in Intrusion Detection: Perspectives from a Security Tool Vendor


Gene Kim - Tripwire Security Systems Inc.

Feb 19, 1999


Intrusion detection tool vendors have done a surprisingly poor job in educating customers about their offerings. All the product data sheets from different vendors seem identical, their products seem to solve the same problems, and yet use radically different approaches. Pity the customer, the IS manager who is ultimately accountable and responsible for securing their corporate networks, who has been mandated by upper management to spend money to solve "that intrusion detection problem".

In the first half of this talk, a brief history of the last ten years of computer security threats is presented. Much has changed since the Morris worm, and if one connects the dots and squints in the right way, one might conclude that things are actually much, much worse now. The threat of more sophisticated rootkits and worms, script kiddies, and an increasingly vulnerable and homogeneous target demographic make computer security an exciting area to be working in.

In the second half of this talk, I present the emerging taxonomy of intrusion detection tools being provided by commercial vendors, along with a survey of their capabilities, and then present an alternate taxonomy which better accommodates the emerging need for forensic tools. Some challenges faced by virtually all tool vendors are then presented.

About the Speaker

Gene Kim is co-founder and chief technology officer at Tripwire Security Systems, Inc. Along with Dr. Eugene Spafford, Gene developed the Tripwire security tool in 1992 while at Purdue University COAST Laboratory. At TSS, he leads the development effort for the Tripwire™ family of computer security products, and architected the first fully-supported, commercial release of Tripwire. Gene has published numerous papers on computer security, operating systems, and networking in Usenet, ACM, and IEEE publications. He received an M.S. in computer science from University of Arizona and a B.S. in computer science from Purdue University.

Gene's other notable achievement at Purdue is purchasing Spaf's 1975 Oldsmobile Cutlass. Due to pending lawsuits and international treaty violations, stories are currently unavailable.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30 P.M. in STEW G52 (Suite 050B), West Lafayette Campus.


The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos is the property of Purdue University, the presenter and/or the presenter’s organization, and is protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website are the exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.