Intrusion analysis in military networks - an introduction

This report gives an introduction to the intrusion analysis field, specifically studying military networks. The report presents the results from the first of three planned years of research in the "Warfare in the IT domain" project. The state-of-the-art of some of the sub-fields, together forming the intrusion analysis field, are presented. A presentation of a practical implementation of a honeynet is included and two experiments are described. The honeynet has been used for studying the fundamentals of intrusion analysis, which are discussed in a separate chapter. There is also a chapter discussing some remaining issues to be solved in future work.