--=====================_828745598==_ Content-Type: text/plain; charset="us-ascii" Hello, I'm finishing up a presentation for the TISC '96 conference in May and I really need everyone's help. The paper is a overview of the current state-of-the-art in the field of intrusion detection. As part of the paper, I'd like to present the perspective of security professionals, network administrators, and anyone who uses a network. I've attached a (very) short questionnaire that addresses some of the key issues of intrusion detection. If you could, please take a few minutes and answer the questions. They are all multiple choice, but your responses will be invaluable for this paper. Responses should be emailed directly to me. Your assistance is greatly appreciated. Jim --=====================_828745598==_ Content-Type: text/plain; charset="us-ascii" Content-Disposition: attachment; filename="QUESTI~1.TXT" INTRUSION DETECTION QUESTIONNAIRE Mr. James Cannady and Mr. Jay Harrell from the Georgia Tech Research Institute are currently preparing a report on the current state of intrusion detection research. As part of that report, the thoughts and experiences of network professionals are requested as a measure of the effectiveness of current information security measures. Your assistance is greatly appreciated. All responses will be kept absolutely confidential and anonymous or partial submissions are welcome. We will present summary results at the TISC conference in May (insert URL here) We are research faculty of Georgia Institute of Technology and we can be reached by US mail, email, or telephone at the following addresses: James Cannady James.Cannady@gtri.gatech.edu Georgia Tech Research Institute Atlanta GA 30332-0832 404/894-9730 Jay Harrell Jay.Harrell@gtri.gatech.edu Georgia Tech Research Institute Atlanta GA 30332-0832 404/894-8953 Description of Host System 1. Please describe yourself -network administrator -management -network user -other (specify) 2. Please describe the nature of the organization supported by the network -Academia -Non-profit Organization -Manufacturing -Telecommunications -Computers -Transportation -Other 3. Please briefly describe the following components of your network: -Number of workstations on network -Number of users -External connections (i.e., Internet) -Operating systems Perception of Need 4. Please rate the following on a scale from 1 (minimal) to 10 (serious) a. Your concern for the security of your network b. The network administrators concern for security c. The senior management's concern for security d. The typical network user's concern for security 5. Please rate the following network threats on a scale of 1 (lowest ) to 6 (highest) a. Hackers b. Crackers c. Phreakers d. Disgruntled employees e. Foreign governments f. Economic Competitors Security Measures 6. What kinds of security measures are utilized on the network: -Operating system-based security measures -Intrusion detection systems -Firewalls -Other 7. Do you use commericial off-the-shelf security products? (Please Specify) -yes -no -don't know -can't say 8. What type of misuses which you are trying to detect? -Attempted break-in -Masquerading -Penetration by legitimate users -Viruses -Denial-of-Service -Other System Attacks 9. Has your network ever been compromised by an external or internal attack -yes -no -don't know -can't say (Please give details if you can) 10. Were any intrusion detection mechanisms or other security systems employed prior to the attack? -yes -no -don't know -can't say (Please give details if you can) 11. Were those security mechanisms successful in preventing or minimizing the attack? -yes -no -don't know -can't say (Please give details if you can) 12. Was the attack reported? -yes -no -don't know -can't say (Please give details if you can) 13. Were any additional security measures employed after the attack? -yes -no -don't know -can't say (Please give details if you can) Comments 14. Please provide any additional comments regarding the security of your system, or your thoughts on the topic of intrusion detection mechanisms. --=====================_828745598==_ Content-Type: text/plain; charset="us-ascii" ================================== James Cannady | Research Scientist | Georgia Institute of Technology | GTRI/ITL/CSITD | James.Cannady@gtri.gatech.edu | (404) 894-9730 | ================================== --=====================_828745598==_--