Dear Colleagues, Thank you for providing me with your reports on Intrusion Detection and related topics in the past. Here is one that I have written. I would love to hear any and all the comments you might have about it. Be forewarned, however, that despite the date on the report it was actually written in September 93 (Spaf just didn't get around to correcting it!). The model has changed substantially and I have done more work on it since then. I am now trying to implement the revised model to derive some experimental results which will provide further input to the model. I have written another report which justifies the new model and yet another on the prototype implementation (though I'm not sure when they'll be polished enough to be publishable). I'll be making these available soon. This report and future ones will be available through the COAST home page of our department's WWW server. Please keep me informed about ID and security related activities at your end. ftp://coast.cs.purdue.edu/pub/doc/intrusion_detection/kumar-spaf-overview.ps.Z [replaced by URL due to size -jdm]